IF-DSS: A forensic investigation framework for decentralized storage services

IF 2 4区 医学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS Forensic Science International-Digital Investigation Pub Date : 2023-10-01 DOI:10.1016/j.fsidi.2023.301611
Jihun Son , Gyubin Kim , Hyunwoo Jung , Jewan Bang , Jungheum Park
{"title":"IF-DSS: A forensic investigation framework for decentralized storage services","authors":"Jihun Son ,&nbsp;Gyubin Kim ,&nbsp;Hyunwoo Jung ,&nbsp;Jewan Bang ,&nbsp;Jungheum Park","doi":"10.1016/j.fsidi.2023.301611","DOIUrl":null,"url":null,"abstract":"<div><p>Decentralized storage services are growing in popularity owing to their lower costs, increased resilience, and privacy compared with traditional cloud storage services. However, these characteristics also attract malicious actors, who abuse them to create phishing URLs, distribute malware, infringe on copyrights, and conduct other crime-related activities. Investigating these services is challenging because of their censorship resistance and decentralization, which renders the existing methodologies for cloud-based storage services and peer-to-peer-based file-sharing services insufficient. To address these challenges, we introduce a novel forensic investigation framework that encompasses identifying, collecting, examining, analyzing potential evidence, and preventing the further distribution of the content. The framework works on each node, peer, gateway, and Internet area of the decentralized storage services, integrating investigation steps on both remote and local sides. The usefulness and applicability of the proposed framework were demonstrated through case studies involving phishing and large-scale file sharing using <em>IPFS</em> with <em>Filecoin</em>.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0000,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Forensic Science International-Digital Investigation","FirstCategoryId":"3","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2666281723001233","RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Decentralized storage services are growing in popularity owing to their lower costs, increased resilience, and privacy compared with traditional cloud storage services. However, these characteristics also attract malicious actors, who abuse them to create phishing URLs, distribute malware, infringe on copyrights, and conduct other crime-related activities. Investigating these services is challenging because of their censorship resistance and decentralization, which renders the existing methodologies for cloud-based storage services and peer-to-peer-based file-sharing services insufficient. To address these challenges, we introduce a novel forensic investigation framework that encompasses identifying, collecting, examining, analyzing potential evidence, and preventing the further distribution of the content. The framework works on each node, peer, gateway, and Internet area of the decentralized storage services, integrating investigation steps on both remote and local sides. The usefulness and applicability of the proposed framework were demonstrated through case studies involving phishing and large-scale file sharing using IPFS with Filecoin.

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
IF-DSS:用于分散存储服务的法医调查框架
与传统的云存储服务相比,去中心化存储服务由于其更低的成本、更高的弹性和隐私性而越来越受欢迎。然而,这些特征也吸引了恶意行为者,他们滥用这些特征来创建网络钓鱼url、分发恶意软件、侵犯版权以及进行其他与犯罪相关的活动。调查这些服务是具有挑战性的,因为它们具有审查阻力和去中心化,这使得现有的基于云的存储服务和基于点对点的文件共享服务的方法不足。为了应对这些挑战,我们引入了一种新的法医调查框架,包括识别、收集、检查、分析潜在证据,并防止内容的进一步传播。该框架适用于分布式存储服务的每个节点、对等体、网关和Internet区域,集成了远程和本地的调查步骤。通过涉及网络钓鱼和使用IPFS与Filecoin进行大规模文件共享的案例研究,证明了所提议框架的有用性和适用性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
CiteScore
5.90
自引率
15.00%
发文量
87
审稿时长
76 days
期刊最新文献
Temporal metadata analysis: A learning classifier system approach Uncertainty and error in location traces Competence in digital forensics “What you say in the lab, stays in the lab”: A reflexive thematic analysis of current challenges and future directions of digital forensic investigations in the UK Decoding digital interactions: An extensive study of TeamViewer's Forensic Artifacts across Windows and android platforms
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1