Research Paper - Torrent
I am currently working on a research paper on forensically reviewing bittorrent artefacts, however I would like to push the ball a bit further and ask my peers what they would think is good to include in the research and experiment, so to say what the need in the community is?
I appreciate the help
- Velandra
If the scope is as you have put it, you obviously are going to include *all* artifacts: from installation, via upload and download use (in different modes), through to uninstall, and for all 'bittorrent' that exist -- or at least major releases of them.
Nothing of that can be uninteresting.
If anything might be of special interest, I would at a stretch suggest analyzing sector (or cluster) hashes to identify any hashes that point strongly to the examined binaries. Or strings or other byte sequences that would be strongly indicative of the examined software. Or perhaps look at fuzzy hashing over binary files of different release versions, to get an idea of how well a fuzzy hash for version 1.0 matches versions 1.x or even 2.0.
However, if you are placing any restrictions on the research, it would be useful to know that first. Useless to suggest comparing multiple versions if you only plan to examine one, for example.
- Senior Member
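
The sector (or cluster) hash idea from the reply above, sketched as an added example that is not part of the original thread: hash each block of a known client binary, then look for those hashes at block-aligned offsets in an image, so fragments of a deleted or partly overwritten binary still match. The 4096-byte block size, SHA-256, the `min_distinct` threshold and all sample data are assumptions made for the illustration.

```python
import hashlib

BLOCK = 4096  # assumed cluster size; use 512 for sector-level matching

def block_hashes(data, block=BLOCK, min_distinct=16):
    """Return {sha256: offset} for each full block of a known binary.

    Blocks with few distinct byte values (zero padding, fill patterns) are
    skipped: they occur in unrelated files and would cause false matches.
    min_distinct=16 is an assumed threshold, not a standard value.
    """
    known = {}
    for off in range(0, len(data) - block + 1, block):
        chunk = data[off:off + block]
        if len(set(chunk)) >= min_distinct:
            known.setdefault(hashlib.sha256(chunk).hexdigest(), off)
    return known

def scan_image(image, known, block=BLOCK):
    """Return (image_offset, binary_offset) for every block-aligned match."""
    hits = []
    for off in range(0, len(image) - block + 1, block):
        digest = hashlib.sha256(image[off:off + block]).hexdigest()
        if digest in known:
            hits.append((off, known[digest]))
    return hits

def coverage(hits, known):
    """Fraction of the binary's distinctive blocks found in the image."""
    return len({src for _, src in hits}) / len(known) if known else 0.0

def build_sample():
    """Constructed test data: a fake 'client binary' and a fake disk image."""
    fill = lambda seed, n: hashlib.shake_256(seed).digest(n)  # deterministic filler
    binary = fill(b"client-v1", 3 * BLOCK) + bytes(BLOCK)     # last block is padding
    image = (fill(b"unrelated", 2 * BLOCK)
             + binary[BLOCK:2 * BLOCK]      # fragment left after deletion
             + bytes(BLOCK)                 # zeroed cluster
             + binary[:BLOCK]               # another fragment, out of order
             + fill(b"more", BLOCK))
    return binary, image

if __name__ == "__main__":
    binary, image = build_sample()
    known = block_hashes(binary)
    hits = scan_image(image, known)
    for img_off, bin_off in hits:
        print(f"image offset {img_off:#x} matches binary offset {bin_off:#x}")
    print(f"{coverage(hits, known):.0%} of distinctive blocks recovered")
```

Exact block hashes only match byte-identical blocks, which is why the reply also raises fuzzy hashing for comparing different release versions.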