New research: Most top torrents are monitored, your IP address can be logged within three hours

New research: Most top torrents are monitored, your IP address can be logged within three hours

If you’ve downloaded a popular torrent in the last three years, you may have had your IP address logged and your activities monitored, according to new research. Computer scientists from the University of Birmingham tracked BitTorrent traffic during five separate timeframes: July 2009, August 2009, August 2010, February 2011, and May 2011. Their work is being presented this week at the SecureComm conference in Padua, Italy, and their 18-page paper can be found here: The Unbearable Lightness of Monitoring: Direct Monitoring in BitTorrent (PDF).

The team developed custom BitTorrent file-sharing clients that logged all connections and tracked the top 100 torrent files listed under various categories on The Pirate Bay to analyse the behaviour of users sharing those files. They quickly found the use of indirect monitoring, meaning peers in the BitTorrent swarms had IP addresses connected to one or more torrent monitoring services, and direct monitoring, where peers within a swarm actively probed other peers to see what they could uncover about them.

The researchers found that many of these active monitors appeared to behave as genuine peers in a swarm, but in reality they consistently reported completions of between 45 percent and 55 percent, and never progressed further. They estimated that 65 of the top 100 movie torrents and 26 of the most popular music torrents were being monitored directly.

Movie and music torrents were most heavily monitored (by 65 and 26 monitors respectively), although between one and seven IP addresses suspected of monitoring were still present in each category. In 40 percent of all the cases, direct monitors made contact with peers within three hours of joining the swarm.

The monitoring firms logging content were identified as copyright enforcement agencies, security firms, and even other research labs. Some used third-party hosting firms to run the searches for them, making identification much more difficult. Those that were discovered by the group, however, were not revealed. As such, it’s not known what will be done with the data that has been collected. By themselves though, the logs don’t appear to be enough for a lawsuit.

“All the monitors connected to file sharers [are] believed to be sharing illegal content,” Tom Chothia, the lead researcher, told NewScientist. “However, they did not actually collect any of the files being shared. So it is questionable whether the observed evidence of file-sharing would stand up in court.”

Image credit: stock.xchng

Read next: We the People: Obama’s petition network passes 3M signatures in one year