Research and Design of the Computer Forensic Tool for the P2P Downloading Software

The data file of downloading records in the P2P downloading software contain the rich personal information. So mining and analyzing the useful clues inside has become a significant means and research area for the computer investigation and forensics. The Thunder which is the typical representative of P2P downloading software and the most popular in China has been emphatically analyzed in this paper, and the data file of downloading records named the ThunderStorage.dat also has been comprehensively parsed, then all the information of downloading records has been restored and extracted. Finally, a computer forensic tool which is effective to restore and extract all the information of downloading records has been researched and designed, it is better to avoid the troubles of research on their encoding format and complex internal logical structure each time. The experimental results show that the computer forensic tool has the advantages as follows: simple operation, stable operation, rapid parsing and correct result, and especially suitable for the computer forensics.