Universal Peer-to-Peer Network Investigation Framework

Files in This Item:
File Description SizeFormat 
UniversalPeerToPeerNetworkInvestigationFramework.pdf835.86 kBAdobe PDFDownload
Title: Universal Peer-to-Peer Network Investigation Framework
Authors: Scanlon, Mark
Kechadi, Tahar
Permanent link: http://hdl.handle.net/10197/7381
Date: 6-Sep-2013
Abstract: Peer-to-Peer (P2P) networking has fast become a useful technological advancement for a vast range of cyber criminal activities. Cyber crimes from copyright infringement and spamming, to serious, high financial impact crimes, such as fraud, distributed denial of service attacks (DDoS) and phishing can all be aided by applications and systems based on the technology. The requirement for investigating P2P based systems is not limited to the more well known cyber crimes listed above, as many more legitimate P2P based applications may also be pertinent to a digital forensic investigation, e.g., VoIP and instant messaging communications, etc. Investigating these networks has become increasingly difficult due to the broad range of network topologies and the ever increasing and evolving range of P2P based applications. This paper introduces the Universal Peer-to-Peer Network Investigation Framework (UP2PNIF), a framework which enables significantly faster and less labour intensive investigation of newly discovered P2P networks through the exploitation of the commonalities in network functionality. In combination with a reference database of known network protocols and characteristics, it is envisioned that any known P2P network can be instantly investigated using the framework. The framework can intelligently determine the best methodology dependant on the focus of the investigation resulting in a significantly expedited evidence gathering process.
Funding Details: Irish Research Council
Type of material: Conference Publication
Publisher: IEEE
Copyright (published version): 2013 IEEE
Keywords: P2PPeer-to-peerBotnetMitigationComputer forensicsCybercrimeInvestigation
DOI: 10.1109/ARES.2013.91
Language: en
Status of Item: Peer reviewed
Conference Details: First International Workshop on Emerging Cyberthreats and Countermeasures (ECTCM 2013), part of the Eight International Conference on Availability, Reliability and Security (ARES2013), Regensburg, Germany, 2 - 6 September 2013
Appears in Collections:Computer Science Research Collection
Insight Research Collection

Show full item record

Citations 50

Last Week
Last month
checked on Aug 17, 2018

Download(s) 50

checked on May 25, 2018

Google ScholarTM



This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.