iCOP: Live forensics to reveal previously unknown criminal media on P2P networks

Show simple item record

dc.contributor.author Peersman, Claudia
dc.contributor.author Schulze, Christian
dc.contributor.author Rashid, Awais
dc.contributor.author Brennan, Margaret
dc.contributor.author Fischer, Carl
dc.date.accessioned 2019-10-26T07:28:36Z
dc.date.available 2019-10-26T07:28:36Z
dc.date.issued 2016-07-16
dc.identifier.citation Peersman, C., Schulze, C., Rashid, A., Brennan, M. and Fischer, C. (2016) 'iCOP: Live forensics to reveal previously unknown criminal media on P2P networks', Digital Investigation, 18, pp. 50-64. (15pp.) DOI: 10.1016/j.diin.2016.07.002 en
dc.identifier.volume 18 en
dc.identifier.startpage 50 en
dc.identifier.endpage 64 en
dc.identifier.issn 1742-2876
dc.identifier.uri http://hdl.handle.net/10468/8886
dc.identifier.doi 10.1016/j.diin.2016.07.002 en
dc.description.abstract The increasing levels of criminal media being shared in peer-to-peer (P2P) networks pose a significant challenge to law enforcement agencies. One of the main priorities for P2P investigators is to identify cases where a user is actively engaged in the production of child sexual abuse (CSA) media – they can be indicators of recent or on-going child abuse. Although a number of P2P monitoring tools exist to detect paedophile activity in such networks, they typically rely on hash value databases of known CSA media. As a result, these tools are not able to adequately triage the thousands of results they retrieve, nor can they identify new child abuse media that are being released on to a network. In this paper, we present a new intelligent forensics approach that incorporates the advantages of artificial intelligence and machine learning theory to automatically flag new/previously unseen CSA media to investigators. Additionally, the research was extensively discussed with law enforcement cybercrime specialists from different European countries and Interpol. The approach has been implemented into the iCOP toolkit, a software package that is designed to perform live forensic analysis on a P2P network environment. In addition, the system offers secondary features, such as showing on-line sharers of known CSA files and the ability to see other files shared by the same GUID or other IP addresses used by the same P2P client. Finally, our evaluation on real CSA case data shows high degrees of accuracy, while hands-on trials with law enforcement officers demonstrate the toolkit's complementarity to extant investigative workflows. en
dc.description.sponsorship European Commission Safer Internet Programme project (iCOP: Identifying and Catching Originators in Peer-to-Peer Networks, SI-2010-TP-2601002); Antwerp University (DAPHNE: Defending Against Paedophiles in Heterogeneous Network Environments); en
dc.format.mimetype application/pdf en
dc.language.iso en en
dc.publisher Elsevier en
dc.relation.uri https://www.sciencedirect.com/science/article/pii/S1742287616300779?via%3Dihub
dc.rights ©2016 The Authors. Published by Elsevier Ltd. This is an open access article under the CCBY license (http://creativecommons.org/licenses/by/4.0/) en
dc.rights.uri http://creativecommons.org/licenses/by/4.0/ en
dc.subject Computer crime en
dc.subject Peer-to-peer computing en
dc.subject Image classification en
dc.subject Text analysis en
dc.subject Forensic triage en
dc.title iCOP: Live forensics to reveal previously unknown criminal media on P2P networks en
dc.type Article (peer-reviewed) en
dc.internal.authorcontactother Margaret Brennan, School of Applied Psychology, University College Cork, Cork, Ireland. +353-21-490-3000 Email:m.brennan@ucc.ie en
dc.internal.availability Full text available en
dc.description.version Published Version en
dc.contributor.funder European Commission en
dc.contributor.funder Universiteit Antwerpen en
dc.description.status Peer reviewed en
dc.identifier.journaltitle Digital Investigation en
dc.internal.IRISemailaddress m.brennan@ucc.ie en


Files in this item

This item appears in the following Collection(s)

Show simple item record

©2016 The Authors. Published by Elsevier Ltd. This is an open access article under the CCBY license (http://creativecommons.org/licenses/by/4.0/) Except where otherwise noted, this item's license is described as ©2016 The Authors. Published by Elsevier Ltd. This is an open access article under the CCBY license (http://creativecommons.org/licenses/by/4.0/)
This website uses cookies. By using this website, you consent to the use of cookies in accordance with the UCC Privacy and Cookies Statement. For more information about cookies and how you can disable them, visit our Privacy and Cookies statement