Forensic Analysis of Residual Artifacts from Private Browsing Sessions in Linux

2016 ◽  
pp. 39-49
Author(s):  
A. Sankara Narayanan ◽  
T. Rajkumar ◽  
N. V. Sobhana
Keyword(s):  
Forensic Analysis ◽  
Private Browsing

scholarly journals Private Browsing Forensic Analysis: A Case Study of Privacy Preservation in the Brave Browser

2020 ◽  
Vol 13 (6) ◽  
pp. 294-306
Author(s):  
Ahmed Mahlous ◽  
◽  
Houssam Mahlous ◽  
Keyword(s):  
Privacy Preservation ◽  
Forensic Analysis ◽  
The Internet ◽  
Web Browsers ◽  
Unique Approach ◽  
Illegal Activities ◽  
Keyword Searches ◽  
Cover Up ◽  
Private Browsing

The Internet and its users are in continual growth. With it grows the number of organized crimes on the Internet and the potential for individuals to carry out illegal activities. These criminals have gained more awareness of private browsing facilities, and many have found a haven in privacy designed browsers that cover up their tracks and shield their nefarious actions. The development of these privacy features has proven to be a challenge for digital forensic investigators. They strive to perform a thorough analysis of web browsers to collect artefacts relating to illegal activity to be presented as evidence to the court of law and used to convict criminals. “Brave” browser is one of the most recent and fastest-growing private browsers that, up to this point, has not been studied in-depth, and its privacy preservation functionality remains unclear. In this paper, we studied Brave’s private browsing mode, examined its privacy-preserving and forensic data acquisition, and outlined the location and type of evidence available through live and post-mortem state analysis. The unique approach taken included a set of experiments that unveiled how the browser functions and showed the appropriate tools that could be utilized to extract leftover artefacts. Analysis of our results showed that despite Brave leaving no traces of browsing activity on the Hard Disk, visited URLs, images, keyword searches, and even cached videos were retrievable from the RAM, which shows that Brave is not entirely private.

scholarly journals Forensic analysis of private browsing mechanisms: Tracing internet activities

2021 ◽  
Vol 5 (1) ◽  
pp. 012-019
Author(s):  
Fayyad-Kazan Hasan ◽  
Kassem-Moussa Sondos ◽  
Hejase Hussin J ◽  
Hejase Ale J
Keyword(s):  
Forensic Analysis ◽  
Web Browser ◽  
Digital Devices ◽  
Private Browsing ◽  
Mode A

Forensic analysts are more than ever facing challenges upon conducting their deep investigative analysis on digital devices due to the technological progression. Of these are the difficulties present upon analyzing web browser artefacts as this became more complicated when web browser companies introduced private browsing mode, a feature aiming to protect users’ data upon opening a private browsing session, by leaving no traces of data on the local device used. Aiming to investigate whether the claims of web browser companies are true concerning the protection private browsing provides to the users and whether it really doesn’t leave any browsing data behind, the most popular desktop browsers in Windows were analyzed after surfing them regularly and privately. The results shown in this paper suggest that the privacy provided varies among different companies since evidence might be recovered from some of the browsers but not from others.

Forensic applications of IR infrared microscopic internal reflection spectroscopy

1992 ◽  
Vol 50 (2) ◽  
pp. 1528-1529
Author(s):  
Edward G. Bartick ◽  
John A. Reffner
Keyword(s):  
Specular Reflection ◽  
Forensic Analysis ◽  
Attenuated Total Reflection ◽  
Internal Reflection ◽  
Standard Size ◽  
Ir Microscopy ◽  
Ir Analysis ◽  
Plastic Explosives ◽  
Internal Reflection Spectroscopy ◽  
Reflectance Measurements

Since the introduction of commercial Fourier transform infrared (FTIR) microscopic systems in 1983, IR microscopy has developed as an important analytical tool in research, industry and forensic analysis. Because of the frequent encounter of small quantities of physical evidence found at crime scenes, spectroscopic IR microscopes have proven particularly valuable for forensic applications. Transmittance and reflectance measurements have proven very useful. Reflection-absorption, specular reflection, and diffuse reflection have all been applied. However, it has been only very recently that an internal reflection (IRS) objective has been commercially introduced.The IRS method, also known as attenuated total reflection (ATR), has proven very useful for IR analysis of standard size samples. The method has been applied to adhesive tapes, plastic explosives, and general applications in the analysis of opaque materials found as evidence. The small quantities or uncontaminated areas of specimens frequently found requiring forensic analysis will often be directly applicable to microscopic IRS analysis.

Forensic Analysis of Artifacts of Giant Instant Messaging “WhatsApp” in Android Smartphone

2018 ◽  
Vol 5 (2) ◽  
pp. 73-83
Author(s):  
Hussein Abed Ghannam
Keyword(s):  
Instant Messaging ◽  
Smart Phone ◽  
Forensic Analysis ◽  
Digital Evidence ◽  
Terror Attack ◽  
Left Behind ◽  
Digital Crime ◽  
Internal Storage ◽  
Network Forensic ◽  
Electronic Crime

WhatsApp is a giant mobile instant message IM application with over 1billion users. The huge usage of IM like WhatsApp through giant smart phone “Android” makes the digital forensic researchers to study deeply. The artefacts left behind in the smartphone play very important role in any electronic crime, or any terror attack. “WhatsApp” as a biggest IM in the globe is considered to be very important resource for information gathering about any digital crime. Recently, end-to-end encryption and many other important features were added and no device forensic analysis or network forensic analysis studies have been performed to the time of writing this paper. This paper explains how can we able to extract the Crypt Key of “WhatsApp” to decrypt the databases and extract precious artefacts resides in the android system without rooting the device. Artefacts that extracted from the last version of WhatsApp have been analysed and correlate to give new valuable evidentiary traces that help in investigating. Many hardware and software tools for mobile and forensics are used to collect as much digital evidence as possible from persistent storage on android device. Some of these tools are commercial like UFED Cellebrite and Andriller, and other are open source tools such as autopsy, adb, WhatCrypt. All of these tools that forensically sound accompanied this research to discover a lot of artefacts resides in android internal storage in WhatsApp application.

Sign in / Sign up

Export Citation Format

Share Document