You are here

LEVERAGING DECENTRALIZATION TO EXTEND THE DIGITAL EVIDENCE ACQUISITION WINDOW: CASE STUDY ON BITTORRENT SYNC

Authors: 

Tahar Kechadi, Mark Scanlon, Jason Farina, Nhien An Le Khac

Publication Type: 
Refereed Conference Meeting Proceeding
Abstract: 
File synchronization services such as Dropbox, Google Drive, Microsoft OneDrive, Apple iCloud, etc., are becoming increasingly popular in today's always-connected world. A popular alternative to the aforementioned services is BitTorrent Sync. This is a decentralized/cloudless le synchro- nization service and is gaining signi cant popularity among Internet users with privacy concerns over where their data is stored and who has the ability to access it. The focus of this paper is the remote recovery of digital evidence pertaining to les identi ed as being accessed or stored on a suspect's computer or mobile device. A methodology for the identi cation, investigation, recovery and veri cation of such remote digital evidence is outlined. Finally, a proof-of-concept remote evi- dence recovery from BitTorrent Sync shared folder highlighting a number of potential scenarios for the recovery and veri cation of such evidence.
Conference Name: 
6th International Conference on Digital Forensics & Cyber Crime (ICDF2C 2014)
Proceedings: 
6th International Conference on Digital Forensics & Cyber Crime (ICDF2C 2014)
Digital Object Identifer (DOI): 
10.NA
Publication Date: 
18/09/2014
Conference Location: 
United States of America
Institution: 
National University of Ireland, Dublin (UCD)
Open access repository: 
Yes