A team of researchers from University of Birmingham has discovered that it takes just three hours from the start of a download for an average BitTorrent user to be monitored by a copyright enforcement agency.

The three-year project entitled The Unbearable Lightness of Monitoring: Direct Monitoring in BitTorrentmostly focused on direct monitoring – the simple and reliable method to identify Internet pirates.

The study provides the first ever measurements of direct monitoring, suggesting ways to detect monitoring techniques and even identifying organisations which are most likely to spy on file-sharers.

Sharing is caring?

BitTorrent is a decentralised peer-to-peer (P2P) protocol designed for the efficient transfer of large files. Since it was created by US programmer Bram Cohen in 2001, BitTorrent has become the de facto standard for exchanging copyrighted content online and accounts for at least a third of overall Internet traffic.

The study notes that BitTorrent users also exchange a range of legal content, such as Linux distributions and various patches and updates. According to Cohen’s company BitTorrent Inc, as of January 2012, BitTorrent has 150 million active users.

While it’s no secret that copyright holders monitor file-sharers, the exact techniques they use haven’t been explored in detail. A team from the School of Computer Science at University of Birmingham, led by Tom Chothia, spent three years attempting to change that.

According to the researchers, there are two ways to monitor P2P exchange: indirect, where indirect clues of the sharing activity of a peer are considered, and direct, which involves connecting to the peers as another file-sharer. Once the connection has been established, monitors can see what files are being downloaded and even how close the download is to completion.

After the evidence of illegal activity is collected, copyright enforcement agencies are able to send threatening cease-and-desist letters to the most hardcore file-sharers, some of whom are taken to court.

Indirect monitoring has been extensively used for copyright protection. However, according to the study, this approach often creates false positives, with printers and other innocent devices blamed for infringing copyright and their owners being sent the aforementioned letters. With indirect monitoring, peers are mostly identified by their IP address.

Direct monitoring is less widespread, more intrusive and costlier, but it can provide enforcement agencies with more proof required to take action. Identifying direct monitoring is simple: users just have to look for peers that seem to have a steady stream of inbound data, but never finish the download.

According to the study, the more popular a torrent is, the more chance there is that it will be monitored. So while downloading the latest Twilight film would be risky, watching some Hitchcock wouldn’t. On one of the largest file-sharing sites currently online, The Pirate Bay, monitors were detected exclusively in Top 100 torrents. On average, movie and music torrents were monitored more heavily than other types of content.

The research also identified about 10 different monitoring companies logging P2P exchanges. Some of these were going to great lengths to cover their tracks, while others were transparently collecting data for analysis.

Defending against monitoring is possible, but requires “blocklists based on empirical research”. A blocklist is a list of suspected file-sharing monitors that automatically cuts the suspicious connection. Even then, users are only able to escape direct monitoring.

As far as indirect monitoring is concerned, the researchers suggest that evidence such as IP addresses is difficult to use in court, so the majority of enforcement agencies will rely on angry letters, never actually suing the overwhelming majority of file-sharers.

Even though they were dealing with an illegal subject, the team from the University of Birmingham was confident that it managed to avoid breaking the law. “In all of our data collection processes, we were careful not to upload or download any shared files; therefore, we have not participated in any copyright-infringing activity as a result of this study,” concludes the research paper.

Meanwhile, the crackdown on torrent tracking websites around the world continues, with The Pirate Bay blocked in the UK, its founders imprisoned in Sweden, and one of the world’s oldest torrent-tracking websites, Demonoid.com, closed by Ukrainian authorities.

Arrgh! How much do you know about online piracy? Take our quiz!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

View Comments

    • I think three hours is an approximate time. Could happen sooner, could not happen at all. Unfortunately it doesn't mean that downloads that take less than three hours will be undetectable.

Recent Posts

Apple Sales Rise 6 Percent After Early iPhone 16 Demand

Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…

19 hours ago

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

20 hours ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

21 hours ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago