Authors:
Farina, Jason; Scanlon, Mark and Kechadi, M-Tahar
Publication Date:
March 2014
Publication Name:
Digital Investigation
Abstract:
With professional and home Internet users becoming increasingly concerned with data protection and privacy, the privacy afforded by popular cloud file synchronisation services, such as Dropbox, OneDrive and Google Drive, is coming under scrutiny in the press. A number of these services have recently been reported as sharing information with governmental security agencies without warrants. BitTorrent Sync is seen as an alternative by many and has gathered over two million users by December 2013 (doubling since the previous month). The service is completely decentralised, offers much of the same synchronisation functionality of cloud powered services and utilises encryption for data transmission (and optionally for remote storage). The importance of understanding BitTorrent Sync and its resulting digital investigative implications for law enforcement and forensic investigators will be paramount to future investigations. This paper outlines the client application, its detected network traffic and identifies artefacts that may be of value as evidence for future digital investigations.
Download:
BibTeX Entry:
@article{Farina2014S77,
title = "BitTorrent Sync: First Impressions and Digital Forensic Implications",
journal = "Digital Investigation",
volume = "11, Supplement 1",
number = "1",
pages = "S77-S86",
year = "2014",
month = "03",
note = "Proceedings of the First Annual \{DFRWS\} Europe",
issn = "1742-2876",
doi = "http://dx.doi.org/10.1016/j.diin.2014.03.010",
url = "http://www.sciencedirect.com/science/article/pii/S1742287614000152",
author = "Farina, Jason and Scanlon, Mark and Kechadi, M-Tahar",
keywords = "BitTorrent",
keywords = "Sync",
keywords = "Peer-to-Peer",
keywords = "Synchronisation",
keywords = "Privacy",
keywords = "Digital forensics",
abstract="With professional and home Internet users becoming increasingly concerned with data protection and privacy, the privacy afforded by popular cloud file synchronisation services, such as Dropbox, OneDrive and Google Drive, is coming under scrutiny in the press. A number of these services have recently been reported as sharing information with governmental security agencies without warrants. BitTorrent Sync is seen as an alternative by many and has gathered over two million users by December 2013 (doubling since the previous month). The service is completely decentralised, offers much of the same synchronisation functionality of cloud powered services and utilises encryption for data transmission (and optionally for remote storage). The importance of understanding BitTorrent Sync and its resulting digital investigative implications for law enforcement and forensic investigators will be paramount to future investigations. This paper outlines the client application, its detected network traffic and identifies artefacts that may be of value as evidence for future digital investigations."
}