Forensic Analysis of Ares Galaxy Peer-to-Peer Network

Files in This Item:
File: insight_publication.pdf
Size: 725.79 kB
Format: Adobe PDF
Title: Forensic Analysis of Ares Galaxy Peer-to-Peer Network
Authors: Kolenbrander, Frank
Le-Khac, Nhien-An
Kechadi, Tahar
Permanent link:
Date: 26-May-2016
Abstract: Child Abuse Material (CAM) is widely available on P2P networks. Over the last decade several tools were made for 24/7 monitoring of peer-to-peer (P2P) networks to discover suspects that use these networks for downloading and distribution of CAM. For some countries the number of cases generated by these tools is so great that Law Enforcement (LE) just cannot handle them all. This is not only leading to backlogs and prioritizing of cases but also leading to discussions about the possibility of disrupting these networks and sending warning messages to potential CAM offenders. Recently, investigators are reporting that they are creating more serious cases on Ares Galaxy (Ares) than on other open P2P networks. Little has been done on automatic prioritization of cases with the information obtained from data that is available on P2P networks. Cases are mostly selected based on the highest number of CAM, while studies indicate that the abusers are most likely to be found not within that top user list. What kind of information can we use to prioritize cases in another way? Is it possible to disturb the network by sending warning messages and sharing fake material? Although the past years have seen a lot of successful CAM cases, generated in several countries, there is still little known about the Ares network. Although the Ares network is open source, the protocol is not documented and the program does not come with serious documentation or support. In this paper, we present first of all a forensic analysis of the use of the Ares network in relation to the distribution of CAM. We then describe forensic artefacts found on an Ares computer involved in CAM.
Type of material: Conference Publication
Keywords: Optimisation; Decision analytics; P2P network forensics; Ares Galaxy network; Child abuse material
Other versions:
Language: en
Status of Item: Peer reviewed
Conference Details: 11th Annual ADFSL Conference on Digital Forensics, Security and Law 2016, Florida Embry Riddle Aeronautical University, Florida, United States, 24-26 May 2016
Appears in Collections: Computer Science Research Collection; Insight Research Collection



This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.