Abstract
In recent years, peer-to-peer (P2P) applications have become the dominant form of Internet traffic. Foxy, a Chinese community-focused file-sharing tool, is increasingly being used to disseminate private data and sensitive documents in Hong Kong. Unfortunately, its scattered design and highly distributed network make it difficult to locate a file originator. This paper proposes an investigative model for analyzing Foxy communications and identifying the first uploaders of files. The model is built on the results of several experiments, which reveal behavior patterns of the Foxy protocol that can be used to expose traces of file originators.
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ieong, R., Lai, P., Chow, KP., Law, F., Kwan, M., Tse, K. (2009). A Model for Foxy Peer-to-Peer Network Investigations. In: Peterson, G., Shenoi, S. (eds) Advances in Digital Forensics V. DigitalForensics 2009. IFIP Advances in Information and Communication Technology, vol 306. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04155-6_13
DOI: https://doi.org/10.1007/978-3-642-04155-6_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04154-9
Online ISBN: 978-3-642-04155-6
eBook Packages: Computer Science, Computer Science (R0)