Skip to Main content Skip to Navigation
Conference papers

Evidence Collection in Peer-to-Peer Network Investigations

Abstract : Peer-to-peer (P2P) file sharing networks are often abused to distribute content that is prohibited by law. Strong evidence of suspicion must be provided to obtain a court order to identify the location of an offender. However, initial evidence collection from a P2P network is a challenge due to the lack of a central point of control and the dynamic nature of the network. This paper describes an initial evidence collection tool for P2P network forensics. The tool performs active and passive monitoring by inserting a modified peer node in a P2P network that records relevant information about nodes that distribute contraband files. It logs data sent by suspicious nodes along with timestamps and unique identification information, which provides a strong, verifiable body of initial evidence.
Document type :
Conference papers
Complete list of metadata

https://hal.inria.fr/hal-01523704
Contributor : Hal Ifip <>
Submitted on : Tuesday, May 16, 2017 - 5:10:13 PM
Last modification on : Thursday, March 5, 2020 - 4:46:40 PM
Long-term archiving on: : Friday, August 18, 2017 - 12:28:56 AM

File

978-3-642-33962-2_15_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Teja Myneedu, Yong Guan. Evidence Collection in Peer-to-Peer Network Investigations. 8th International Conference on Digital Forensics (DF), Jan 2012, Pretoria, South Africa. pp.215-230, ⟨10.1007/978-3-642-33962-2_15⟩. ⟨hal-01523704⟩

Share

Metrics

Record views

117

Files downloads

1112