ATC-NY Releases “P2P Marshal,” a Tool to Fight Cyber Crime

February 25, 2008 Ithaca, NY. Computers often contain key evidence needed to prosecute child exploitation, identity theft and other financial crimes. Criminals commonly use peer-to-peer (P2P) software to share files containing information such as stolen credit card numbers or illicit images. When a target computer is seized, a digital forensic examiner needs to rapidly identify the kind and number of files that have been shared through P2P technology. Currently, this process is manually intensive and time consuming.

With funding from the National Institute of Justice, ATC-NY has developed P2P Marshal, a program that automatically gathers, in a forensically sound way, all of the files related to P2P usage on a target computer. P2P Marshal will greatly help investigators to reduce the time required for the analysis process.

P2P Marshal shows the investigator the files that have been downloaded from a P2P network as well as related information such as the P2P servers used. It shows relevant configuration information, such as the user's name and a list of servers that were used, and displays the log file in a human readable form. P2P Marshal supports multiple P2P networks and is a stand-alone tool, requiring no additional software. In its beta release, P2P Marshal is currently being used by law enforcement groups in several states to investigate real cases involving child exploitation.

Located in Ithaca, NY, ATC-NY conducts advanced research and development in information assurance and information management. On February 25, 2008, ATC-NY released P2P Marshal and it is now available to U.S. law enforcement at no charge.

To download P2P Marshal, visit www.p2pmarshal.com