Forensic investigation framework for P2P protocol

T. Manesh; M. Mohammed Sha; K. Vivekanandan

doi:10.1109/ICCICCT.2014.6992966

Forensic investigation framework for P2P protocol

T. Manesh, M. Mohammed Sha, K. Vivekanandan

Software Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Online sharing of digital assents have now become common in the internet by its increased number of users over a decade drastically. There are many online sharing resources which offer huge storage. These facilities tend the internet users to upload and download pirated softwares, movies and other similar digital assets which violates all copyrights. The P2P protocol is working behind such online sharing websites and resources. The cyber cell is very active now in various parts of the country to trace and fraudulent sharing of files when reported. So it is necessary to have an efficient mechanism to find the actual content which is being uploaded or downloaded from a particular machine as part of network forensic investigation. Usually P2P websites and services are blocked in enterprises and educational institutions to avoid sharing of unwanted digital assets and also to increase internet bandwidth. The proposed novel technique is based on network forensics which can be used for content level observation of P2P Bit Torrent protocol and regenerate original malicious content or session between malicious users for their prosecution in the court.

Original language	English
Title of host publication	2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	256-264
Number of pages	9
ISBN (Electronic)	9781479941902
DOIs	https://doi.org/10.1109/ICCICCT.2014.6992966
State	Published - 18 Dec 2014
Event	2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014 - KanyaKumari District, Tamil Nadu, India Duration: 10 Jul 2014 → 11 Jul 2014

Publication series

Name	2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014

Conference

Conference	2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014
Country/Territory	India
City	KanyaKumari District, Tamil Nadu
Period	10/07/14 → 11/07/14

Keywords

Network Forensics
P2P network
P2P Traffic Analysis
Packet Reordering
PCAP File
Torrent File

Access to Document

10.1109/ICCICCT.2014.6992966

Cite this

Manesh, T., Sha, M. M., & Vivekanandan, K. (2014). Forensic investigation framework for P2P protocol. In 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014 (pp. 256-264). Article 6992966 (2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICCICCT.2014.6992966

Manesh, T. ; Sha, M. Mohammed ; Vivekanandan, K. / Forensic investigation framework for P2P protocol. 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014. Institute of Electrical and Electronics Engineers Inc., 2014. pp. 256-264 (2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014).

@inproceedings{466fd58403dc4fd09644dfdc07ab1807,

title = "Forensic investigation framework for P2P protocol",

abstract = "Online sharing of digital assents have now become common in the internet by its increased number of users over a decade drastically. There are many online sharing resources which offer huge storage. These facilities tend the internet users to upload and download pirated softwares, movies and other similar digital assets which violates all copyrights. The P2P protocol is working behind such online sharing websites and resources. The cyber cell is very active now in various parts of the country to trace and fraudulent sharing of files when reported. So it is necessary to have an efficient mechanism to find the actual content which is being uploaded or downloaded from a particular machine as part of network forensic investigation. Usually P2P websites and services are blocked in enterprises and educational institutions to avoid sharing of unwanted digital assets and also to increase internet bandwidth. The proposed novel technique is based on network forensics which can be used for content level observation of P2P Bit Torrent protocol and regenerate original malicious content or session between malicious users for their prosecution in the court.",

keywords = "Network Forensics, P2P network, P2P Traffic Analysis, Packet Reordering, PCAP File, Torrent File",

author = "T. Manesh and Sha, \{M. Mohammed\} and K. Vivekanandan",

note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014 ; Conference date: 10-07-2014 Through 11-07-2014",

year = "2014",

month = dec,

day = "18",

doi = "10.1109/ICCICCT.2014.6992966",

language = "English",

series = "2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "256--264",

booktitle = "2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014",

address = "United States",

}

Manesh, T, Sha, MM & Vivekanandan, K 2014, Forensic investigation framework for P2P protocol. in 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014., 6992966, 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014, Institute of Electrical and Electronics Engineers Inc., pp. 256-264, 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014, KanyaKumari District, Tamil Nadu, India, 10/07/14. https://doi.org/10.1109/ICCICCT.2014.6992966

Forensic investigation framework for P2P protocol. / Manesh, T.; Sha, M. Mohammed; Vivekanandan, K.
2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014. Institute of Electrical and Electronics Engineers Inc., 2014. p. 256-264 6992966 (2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Forensic investigation framework for P2P protocol

AU - Manesh, T.

AU - Sha, M. Mohammed

AU - Vivekanandan, K.

PY - 2014/12/18

Y1 - 2014/12/18

N2 - Online sharing of digital assents have now become common in the internet by its increased number of users over a decade drastically. There are many online sharing resources which offer huge storage. These facilities tend the internet users to upload and download pirated softwares, movies and other similar digital assets which violates all copyrights. The P2P protocol is working behind such online sharing websites and resources. The cyber cell is very active now in various parts of the country to trace and fraudulent sharing of files when reported. So it is necessary to have an efficient mechanism to find the actual content which is being uploaded or downloaded from a particular machine as part of network forensic investigation. Usually P2P websites and services are blocked in enterprises and educational institutions to avoid sharing of unwanted digital assets and also to increase internet bandwidth. The proposed novel technique is based on network forensics which can be used for content level observation of P2P Bit Torrent protocol and regenerate original malicious content or session between malicious users for their prosecution in the court.

AB - Online sharing of digital assents have now become common in the internet by its increased number of users over a decade drastically. There are many online sharing resources which offer huge storage. These facilities tend the internet users to upload and download pirated softwares, movies and other similar digital assets which violates all copyrights. The P2P protocol is working behind such online sharing websites and resources. The cyber cell is very active now in various parts of the country to trace and fraudulent sharing of files when reported. So it is necessary to have an efficient mechanism to find the actual content which is being uploaded or downloaded from a particular machine as part of network forensic investigation. Usually P2P websites and services are blocked in enterprises and educational institutions to avoid sharing of unwanted digital assets and also to increase internet bandwidth. The proposed novel technique is based on network forensics which can be used for content level observation of P2P Bit Torrent protocol and regenerate original malicious content or session between malicious users for their prosecution in the court.

KW - Network Forensics

KW - P2P network

KW - P2P Traffic Analysis

KW - Packet Reordering

KW - PCAP File

KW - Torrent File

UR - http://www.scopus.com/inward/record.url?scp=84921688073&partnerID=8YFLogxK

U2 - 10.1109/ICCICCT.2014.6992966

DO - 10.1109/ICCICCT.2014.6992966

M3 - Conference contribution

AN - SCOPUS:84921688073

T3 - 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014

SP - 256

EP - 264

BT - 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014

Y2 - 10 July 2014 through 11 July 2014

ER -

Manesh T, Sha MM, Vivekanandan K. Forensic investigation framework for P2P protocol. In 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014. Institute of Electrical and Electronics Engineers Inc. 2014. p. 256-264. 6992966. (2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014). doi: 10.1109/ICCICCT.2014.6992966

Forensic investigation framework for P2P protocol

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this