Title :
Research and Design of the Computer Forensic Tool for the P2P Downloading Software
Author :
Fu, Changhong ; Wu, Shunxiang
Author_Institution :
Dept. of Autom., Xiamen Univ., Xiamen, China
Date :
Nov. 30 2009-Dec. 1 2009
Abstract :
The data files in which P2P downloading software stores its download records contain rich personal information, so mining and analyzing the useful clues inside them has become a significant technique and research area in computer investigation and forensics. This paper focuses on Thunder, a typical representative of P2P downloading software and the most popular in China. Its download-record data file, ThunderStorage.dat, is comprehensively parsed, and all the download-record information is restored and extracted. Finally, a computer forensic tool that effectively restores and extracts all the download-record information is researched and designed, which avoids the trouble of researching the encoding format and complex internal logical structure each time. The experimental results show that the tool has the following advantages: simple operation, stable operation, rapid parsing, and correct results, which make it especially suitable for computer forensics.
Keywords :
computer forensics; peer-to-peer computing; P2P downloading software; Thunder; ThunderStorage; complex internal logical structure; computer forensic tool; data file; Data mining; Design automation; Encoding; Forensics; Hardware; Information analysis; Internet; Knowledge acquisition; Peer to peer computing; Software tools; P2P; SQLite3; file parsing
Conference_Title :
Knowledge Acquisition and Modeling, 2009. KAM '09. Second International Symposium on
Conference_Location :
Wuhan
Print_ISBN :
978-0-7695-3888-4
DOI :
10.1109/KAM.2009.205