Title :
BitStalker: Accurately and efficiently monitoring bittorrent traffic
Author :
Bauer, Kevin ; McCoy, Damon ; Grunwald, Dirk ; Sicker, Douglas
Author_Institution :
Univ. of Colorado, Boulder, CO, USA
Abstract :
BitTorrent is currently the most popular peer-to-peer network for file sharing. However, experience has shown that BitTorrent is often used to distribute copyright protected movie and music files illegally. Consequently, copyright enforcement agencies currently monitor BitTorrent swarms to identify users participating in the illegal distribution of copyright-protected files. These investigations rely on passive methods that are prone to a variety of errors, particularly false positive identification. To mitigate the potential for false positive peer identification, we investigate the feasibility of using active methods to monitor extremely large BitTorrent swarms. We develop an active probing framework called BitStalker that identifies active peers and collects concrete forensic evidence that they were involved in sharing a particular file. We evaluate the effectiveness of this approach through a measurement study with real, large torrents consisting of over 186,000 peers. We find that the current investigative methods produce at least 11% false positives, while we show that false positives are rare with our active approach.
Keywords :
computer crime; computer forensics; copy protection; peer-to-peer computing; BitStalker; bittorrent traffic monitoring; copyright protected files; false positive peer identification; file sharing; illegal file distribution; peer-to-peer network; Cloud computing; Concrete; File servers; Forensics; Law; Legal factors; Monitoring; Peer to peer computing; Protection; Protocols; Data mining for forensic evidence;
Conference_Titel :
Information Forensics and Security, 2009. WIFS 2009. First IEEE International Workshop on
Conference_Location :
London
Print_ISBN :
978-1-4244-5279-8
Electronic_ISBN :
978-1-4244-5280-4
DOI :
10.1109/WIFS.2009.5386457
