BitTorrent Sync: Network Investigation Methodology

Files in This Item:
File Description SizeFormat 
BitTorrentSyncNetworkInvestigationMethodology.pdf401.54 kBAdobe PDFDownload
Title: BitTorrent Sync: Network Investigation Methodology
Authors: Scanlon, Mark
Farina, Jason
Kechadi, Tahar
Permanent link:
Date: 12-Sep-2014
Abstract: The volume of personal information and data most Internet users find themselves amassing is ever increasing and the fast pace of the modern world results in most requiring instant access to their files. Millions of these users turn to cloud based file synchronisation services, such as Dropbox, Microsoft Skydrive, Apple iCloud and Google Drive, to enable 'always-on' access to their most up-to-date data from any computer or mobile device with an Internet connection. The prevalence of recent articles covering various invasion of privacy issues and data protection breaches in the media has caused many to review their online security practices with their personal information. To provide an alternative to cloud based file backup and synchronisation, BitTorrent Inc. released an alternative cloudless file backup and synchronisation service, named BitTorrent Sync to alpha testers in April 2013. BitTorrent Sync's popularity rose dramatically throughout 2013, reaching over two million active users by the end of the year. This paper outlines a number of scenarios where the network investigation of the service may prove invaluable as part of a digital forensic investigation. An investigation methodology is proposed outlining the required steps involved in retrieving digital evidence from the network and the results from a proof of concept investigation are presented.
Type of material: Conference Publication
Publisher: IEEE
Copyright (published version): 2014 IEEE
Keywords: BitTorrent Sync;Digital forensics;Network investigation;Synchronization;Protocols;Cloud computing;Cryptography;Servers;Forensics;Methodology
DOI: 10.1109/ARES.2014.11
Language: en
Status of Item: Peer reviewed
Conference Details: Ninth International Conference on Availability, Reliability and Security (ARES 2014), Fribourg, Switzerland, 8 - 12 September 2014
Appears in Collections:Computer Science Research Collection

Show full item record

Citations 20

Last Week
Last month
checked on Jun 22, 2018

Google ScholarTM



This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.