Why File Sharing is Dangerous?
Upcoming SlideShare
Loading in...5

Why File Sharing is Dangerous?



Slides for Decentralized System assignment. Explaining about why file sharing is dangerous.

Slides for Decentralized System assignment. Explaining about why file sharing is dangerous.



Total Views
Views on SlideShare
Embed Views



2 Embeds 509

http://otnira.wordpress.com 492
http://www.otnira.com 17



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Why File Sharing is Dangerous? Why File Sharing is Dangerous? Presentation Transcript

  • Why File Sharing Network are Dangerous? Arinto Murdopo arinto@gmail.com
  • P2P Application • 1st generation P2P application – find the file, and download from node that has the file – FastTrack network – KaZaA – Gnutella network – Frostwire – eDonkey - eMule • Common characteristics: users need to share a specific files/folders
  • Why do we analyze these? • Lots of users & traffic – doubled between ‘03 to ‘07 • Wide adoption
  • Exposed Sensitive Information • Sounds impossible, but it does happen! – Misplaced file – Confusing UI – Incentives to share large number of files – Lazy users – Dumb wizard – Share and forget – Poor organizational habit
  • Exposed Sensitive Information • Searching-file experiment – Birth Certificate – 45 Results – Passport – 42 Results – Tax Return – 208 Results – Free Application for Federal Student Aid – 114 Results
  • The trend? • Growing usage -> More leaks • Set and forget -> Increases loses • Global loses • Digital wind spreads files • Existence of malware
  • Honeypot experiment • To illustrate the threat in P2P network • Honeypot – deliberately expose things to observe the attack • In this case… – Email contains active VISA card and phonecard – Three mock business documents
  • Email with VISA card.. • Email showing 25 USD VISA prepaid card • 210-minute-calling card
  • Email with VISA card.. • File quickly taken and re-taken
  • Email with VISA card.. • Within a week, no money left! • No minute left! • File distribution ->
  • Business Documents… • Within a week… – Documents taken 12 times – Secondary disclosures do happen!
  • Observation• Successfully illustrate risk of disclosure• Identity theft!• Persons with intention to use and hide documents do exist! (and they always search!!!)
  • Conclusion • Suggested counter-measures – Improve UI design – User education – File naming and organization
  • Discussion… • Privacy issue, why? Agree, disagree? • Malware distribution, how to counter- measure? • How about BitTorrent? Security concern? • This paper is about “Passive” attack, how about “Active” attack? Give example – Active attack : communications are disrupted by the deletion, modification or insertion of data.