Leveraging Decentralisation to Extend the Digital Evidence Acquisition Window: Case Study on BitTorrent Sync
Files in This Item:
|LeveragingDecentralisationToExtendTheDigitalEvidenceAcquisitionWindow.pdf||372.03 kB||Adobe PDF||Download|
|Title:||Leveraging Decentralisation to Extend the Digital Evidence Acquisition Window: Case Study on BitTorrent Sync||Authors:||Scanlon, Mark
|Permanent link:||http://hdl.handle.net/10197/7679||Date:||2014||Abstract:||File synchronization services such as Dropbox, Google Drive, Microsoft OneDrive, Apple iCloud, etc., are becoming increasingly popular in today's always-connected world. A popular alternative to the aforementioned services is BitTorrent Sync. This is a decentralized/cloudless file synchronization service and is gaining significant popularity among Internet users with privacy concerns over where their data is stored and who has the ability to access it. The focus of this paper is the remote recovery of digital evidence pertaining to files identified as being accessed or stored on a suspect's computer or mobile device. A methodology for the identification, investigation, recovery and verification of such remote digital evidence is outlined. Finally, a proof-of-concept remote evidence recovery from BitTorrent Sync shared folder highlighting a number of potential scenarios for the recovery and verification of such evidence.||Type of material:||Journal Article||Publisher:||Association of Digital Forensics, Security and Law||Copyright (published version):||2014 ADFSL||Keywords:||Digital evidence acquisition; BitTorrent sync; Remote forensics; Peer-to-peer; File synchronisation services; Digital evidence; Remote evidence recovery; Mobile device forensics||Language:||en||Status of Item:||Peer reviewed|
|Appears in Collections:||Computer Science Research Collection|
Show full item record
This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.