![]() ![]() ![]() In a series of diaries I am going to discuss about residual artefacts of BitTorrent Sync version 2.0 on Windows 8.1, Mac OS X Mavericks 10.9.5, Ubuntu 14.04.1 LTS, iOS 7.1.2, iPhone 4 running iOS 7.1.2 and a HTC One X running Android KitKat 4.4.4 ( For a more involved reading which include experiment setup and full details of our investigation please refer to our paper titled “Forensic Investigation of P2P Cloud Storage: BitTorrent Sync as a Case Study” (Reference 5)). However, as a redesigned folder sharing workflow has been introduced in the newer version of BitTorrent Sync (from version 1.4 onwards), there is a need to develop an up-to-date understanding of the artefacts from the newer BitTorrent Sync applications. Back then I used papers authored by Scanlon, M., Farina et al., (Refer to References 1,2,3,4) on the investigation of BitTorrent Sync (version 1.1.82). ![]() In one of my recent engagements, I had to investigate BitTorrent Sync version 2.0 on a range of different devices. Residual forensic researchers are usually listing minimum evidences that can be extracted by a forensics practitioner. One of the nightmares of any forensics investigator is to come across a new or undocumented platform or application during an investigation with tight deadlines! The investigator has only limited research time to detect evidences hoping not to miss any essential remnants! Fortunately there is a field of research called “Residual Data Forensic” in which researchers detect and document remnants (evidence) of forensic value of user activities on different platforms. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |