
[Ars] Air Force engineers develop BitTorrent sniffer

http://arstechnica.com/security/news...nt-sniffer.ars

Quote:


The Air Force Institute of Technology has come up with a new way to passively monitor BitTorrent traffic.

The system works by passively monitoring all traffic flowing toward users, and then recognizing the BitTorrent header in packets. Once the system sees such a header, it takes the hash of the file and compares it to a list of known "bad" hashes. If there is a match, the system logs it for further investigation.

Reportedly, the system uses FPGAs (field programmable gate arrays), which are chips that can be configured to perform different functions. This may suggest that the system is built to be very fast, but as the sniffing capability tops out at 100Mbps, it looks like the designers simply used FPGAs as a convenient system-on-a-chip. Even a five-year old PC can perform light to moderate traffic-sniffing duties at 1Gbps speeds in software.

Big Content would of course be on cloud nine if ISPs could be convinced to install devices like this, and the argument that kicking pirates off the network would free up a lot of bandwidth may go a long way toward convincing them. On the other hand, inspecting the content of a user's traffic in this way has serious privacy implications, and is likely to fall afoul of the law in some countries.

Another issue facing such systems is creating a comprehensive set of hashes of copyrighted files in real time. It would very likely be easier to have the sniffers simply log all hashes, then figure out which are the offending ones later. But all of this is moot, as the system is easily thwarted by encrypting BitTorrent traffic, which already happens for some 25 percent of BitTorrent traffic today.

Ultimately, it's not clear that a system like this addresses a real need. The Achilles heel of BitTorrent is the need for the peers participating in the file transfer to find each other. Traditionally this is done through a centralized tracker that provides each peer with addresses of other peers, but modern BitTorrent clients can also perform this function in peer-to-peer fashion.
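
The check the quoted article describes (recognize the BitTorrent header, pull out the hash, compare it to a list), as an added example that is not part of the original post and not the Air Force system's code. The handshake layout follows the BitTorrent peer protocol; the function names, addresses, hashes and packets are constructed for illustration, and the opaque sample stands in for an encrypted session that carries no recognizable header.

```python
import hashlib

# Plaintext peer handshake: <pstrlen=19><"BitTorrent protocol">
# <8 reserved bytes><20-byte info_hash><20-byte peer_id>
PSTR = b"\x13BitTorrent protocol"
HASH_OFFSET = len(PSTR) + 8
HANDSHAKE_LEN = HASH_OFFSET + 20 + 20  # 68 bytes


def extract_info_hash(payload):
    """Return the info_hash if payload starts with a full plaintext handshake."""
    if len(payload) < HANDSHAKE_LEN or not payload.startswith(PSTR):
        return None
    return payload[HASH_OFFSET:HASH_OFFSET + 20]


def scan(packets, watchlist):
    """packets: (src, dst, tcp_payload) tuples. Returns (hits, all hashes seen)."""
    hits, observed = [], set()
    for src, dst, payload in packets:
        info_hash = extract_info_hash(payload)
        if info_hash is None:
            continue  # not BitTorrent, truncated, or encrypted: nothing to match
        observed.add(info_hash)  # "log all hashes, sort them out later"
        if info_hash in watchlist:
            hits.append({"src": src, "dst": dst, "info_hash": info_hash.hex()})
    return hits, observed


# --- constructed sample data (documentation-range addresses) ---
def make_handshake(info_hash, peer_id=b"-XX0001-constructed1"):
    return PSTR + bytes(8) + info_hash + peer_id

FLAGGED = hashlib.sha1(b"constructed flagged torrent").digest()
OTHER = hashlib.sha1(b"constructed unrelated torrent").digest()
# Stand-in for an encrypted session: opaque bytes, no header to recognize.
OPAQUE = hashlib.sha256(b"constructed opaque stream").digest() * 3
SAMPLE_PACKETS = [
    ("192.0.2.10", "198.51.100.7", make_handshake(FLAGGED)),
    ("192.0.2.11", "198.51.100.8", make_handshake(OTHER)),
    ("192.0.2.12", "198.51.100.9", OPAQUE),
    ("192.0.2.13", "198.51.100.7", b"GET / HTTP/1.1\r\n\r\n"),
]

if __name__ == "__main__":
    hits, observed = scan(SAMPLE_PACKETS, {FLAGGED})
    print("watchlist hits:", hits)
    print("hashes seen:", sorted(h.hex() for h in observed))
```
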

Aaaannddddd....stay out of my Internet, big brother. I'm not pirating anything these days, but that doesn't mean I want you sniffing in my legal torrent traffic.
Lovely more censorship on the internet.

Bit Torrents are old school though everyone that knows better has moved on to better services.
Quote:


Originally Posted by vicious_fishes

why would the air force care ?

exactly my thought lol.

I've never ever used torrents and don't intend to, but I don't want people keeping an eye over my internet. I have nothing to hide but I don't like the idea that people can see my personal data, CC details, account numbers, passwords etc!

And I personally can't trust the government, especially with sensitive data. I mean, just look at the muppets who leave laptops on trains which contain 0000's of NI details etc
Quote:

Originally Posted by vicious_fishes
why would the air force care ?
I think it was designed to stop illegal pirating on government computers.
Quote:

Originally Posted by vicious_fishes
why would the air force care ?
Because it is a proven effective spying method:

Quote:

Originally Posted by Slashdot
A company that monitors peer-to-peer file-sharing networks has discovered a potentially serious security breach involving President Barack Obama's helicopter. 'We found a file containing entire blueprints and avionics package for Marine One, which is the president's helicopter,' says Bob Boback, CEO of Tiversa, a security company that specializes in peer-to-peer technology. Tiversa was able to track the file, discovered at an IP address in Tehran, Iran, back to its original source. 'What appears to be a defense contractor in Bethesda, Md., had a file-sharing program on one of their systems that also contained highly sensitive blueprints for Marine One,' says Boback, adding that someone from the company most likely downloaded a file-sharing program, typically used to exchange music, without realizing the potential problems. 'I'm sure that person is embarrassed and may even lose their job, but we know where it came from and we know where it went.' Iran is not the only country that appears to be accessing this type of information through file-sharing programs. 'We've noticed it out of Pakistan, Yemen, Qatar and China. They are actively searching for information that is disclosed in this fashion because it is a great source of intelligence.'
Source
Quote:

Originally Posted by Col. Newman
Lovely more censorship on the internet.

Bit Torrents are old school though everyone that knows better has moved on to better services.
better services!? Educate us!
And how the hell can they legally inspect end user data packets?!
This has nothing to do with your computers (for now).

The Air Force is trying to find ways to secure their own networks and computers. That's not to say this technology couldn't one day be sold or used for private purposes.

But for now, you don't have much to worry about. Only those doing illegal things on government computers have to worry.

On another note, these guys better seriously slack off! They're blocking more and more sites from us to use at work every day. It's only a matter of time before they see how much I log on to OCN before they start blocking it from me. *Single Tear*
the design info needs to be made open source so a block can be built to thwart this method of spying.
Quote:


Originally Posted by gr8racr

the design info needs to be made open source so a block can be built to thwart this method of spying.


Quote:


as the system is easily thwarted by encrypting BitTorrent traffic, which already happens for some 25 percent of BitTorrent traffic today.

Sounds to me like we already have.
oOoOoh, I just ripped a big one, sniff that.
Quote:


Originally Posted by Jbear

Because it is a proven effective spying method:

Source

It just seems like they have nothing better to do with their time.
Quote:


Originally Posted by 003

And how the hell can they legally inspect end user data packets?!

This is WAY too low key (100Mbps) to be used on a major scale. I'm thinking they're going to use this to monitor their own traffic... considering the Marine One thing last week.

What's weird to me, though, is why would they even bother? Why not just prevent any unauthorized software from being on their network? I think that's a better method of prevention. Besides, I don't want to pay government employees to sit at work and torrent anything. Let them do that at home =p
It's not gonna stop me anyway, there's a way round it.
Wasn't this part of operation "Scare people into not using BitTorrent by pretending we can do something about it"?
Quote:


Originally Posted by Col. Newman

Lovely more censorship on the internet.

Bit Torrents are old school though everyone that knows better has moved on to better services.

do tell.......what's the new thing?? lol I'm still stuck on newsgroups lol!!
Quote:


Originally Posted by 003

And how the hell can they legally inspect end user data packets?!

ISPs already inspect the traffic of their users to limit bandwidth either in whole or on specific ports. This will just be a step up and will try to flag certain content as copyright. It doesn't matter as more and more people every day use encrypted BT connections.