A comparative forensic analysis of privacy enhanced web browsers and private browsing modes of common web browsers

2018 ◽  
Vol 10 (4) ◽  
pp. 356 ◽  
Author(s):  
Ryan M. Gabet ◽  
Kathryn C. Seigfried Spellar ◽  
Marcus K. Rogers
Keyword(s):  
Forensic Analysis ◽  
Web Browsers ◽  
Private Browsing

scholarly journals Private Browsing Forensic Analysis: A Case Study of Privacy Preservation in the Brave Browser

2020 ◽  
Vol 13 (6) ◽  
pp. 294-306
Author(s):  
Ahmed Mahlous ◽  
◽  
Houssam Mahlous ◽  
Keyword(s):  
Privacy Preservation ◽  
Forensic Analysis ◽  
The Internet ◽  
Web Browsers ◽  
Unique Approach ◽  
Illegal Activities ◽  
Keyword Searches ◽  
Cover Up ◽  
Private Browsing

The Internet and its users are in continual growth. With it grows the number of organized crimes on the Internet and the potential for individuals to carry out illegal activities. These criminals have gained more awareness of private browsing facilities, and many have found a haven in privacy designed browsers that cover up their tracks and shield their nefarious actions. The development of these privacy features has proven to be a challenge for digital forensic investigators. They strive to perform a thorough analysis of web browsers to collect artefacts relating to illegal activity to be presented as evidence to the court of law and used to convict criminals. “Brave” browser is one of the most recent and fastest-growing private browsers that, up to this point, has not been studied in-depth, and its privacy preservation functionality remains unclear. In this paper, we studied Brave’s private browsing mode, examined its privacy-preserving and forensic data acquisition, and outlined the location and type of evidence available through live and post-mortem state analysis. The unique approach taken included a set of experiments that unveiled how the browser functions and showed the appropriate tools that could be utilized to extract leftover artefacts. Analysis of our results showed that despite Brave leaving no traces of browsing activity on the Hard Disk, visited URLs, images, keyword searches, and even cached videos were retrievable from the RAM, which shows that Brave is not entirely private.

scholarly journals Web browsers forensic analysis reviewWeb tarayıcılarda adli analiz incelemesi

2015 ◽  
Vol 12 (2) ◽  
pp. 757 ◽  
Author(s):  
Erkan Baran ◽  
Huseyin Çakır ◽  
Çelebi Uluyol
Keyword(s):  
Web Applications ◽  
File Systems ◽  
Forensic Analysis ◽  
Web Browsers ◽  
Web Browser ◽  
Mode Effects ◽  
The World

<p>Nowadays, web browser tools are seen ıntensıvely durıng the usage of web applıcatıons. Because of that, browsers provıdes ınfrastructure of a largo majorıty of crımes. Because guılty or suspect can use the browsers to collect ınformatıons, to hıde hıs crıme, learn new crımınal methods or to apply they have learned. In thıs study, ıt ıs also seeked answers of how a process can be monıtored on the computers whıch are used on browsers, ın whıch fıles whıch datas are looked and when and whıch sıtes are accessed. Accordıng to research of W3counter web stats tool, Chrome Web browser, whıch has %43 persentage of across the world ın usage, ıs proses as the most demanded browser ın thıs study by users, and ıt ıs scented out ın thıs browser's related fıles. In these days, ''hıdden mode'' whıch take part ın vast majorıty of browsers ıs also examıned. Thıs feature of the browser, whıch ıs receıved reference, ıs tracked by testıng and ıs sought data ın RAM memory and fıle systems. Thus, '' hıdden mode'' effects are dıscussed ın provıdıng studıes about suspect or crımınal posıtıon people, what kınd of data can be obtaıned ın usıng '' hıdden mode” ıs revealed.</p><p> </p><p><strong>Özet</strong></p><p>Günümüzde internet uygulamalarının kullanımı sırasında web tarayıcı araçlarının yoğun bir şekilde kullanımı görülmektedir. Bu nedenle tarayıcılar, işlenen suçların büyük bir çoğunluğuna altyapı sağlar. Çünkü suçlu ya da şüpheli, tarayıcıları bilgi toplamak, suçunu gizlemek, yeni suç metotları öğrenmek ya da öğrendiklerini uygulamak için kullanabilir.  Bu çalışmada da tarayıcıların kullanıldığı bilgisayarlar üzerinde bırakılan izlerin tespitinde nasıl bir süreç izlenebileceği, hangi dosyalarda hangi verilere bakılabileceği ve ne zaman hangi sitelere erişim sağlandığı gibi çeşitli sorulara cevaplar aranmaktadır. w3counter adlı internet istatistik aracının yaptığı araştırmaya göre, dünya genelinde %43'lük bir kullanım alanına sahip olan Chrome web tarayıcısı, kullanıcılar tarafından en çok talep gören tarayıcı olarak bu araştırma içinde referans alınmaktadır ve bu tarayıcıya ait ilgili dosyalarda izler sürülmektedir. Ayrıca günümüz tarayıcıların büyük bir çoğunluğunda yer alan “<strong>gizli mod</strong>” özelliği incelenmektedir.  Referans alınan tarayıcının bu özelliği test edilerek iz sürülmekte, dosya  sistemlerinde ve RAM bellekte veri aranmaktadır.Böylelikle “gizli mod” kullanımında ne tür veriler elde edilebileceği ortaya konarak şüpheli ya da suçlu konumundaki kişilere ait delillendirme çalışmalarında “gizli mod” kullanımının etkileri tartışılmaktadır. </p>

scholarly journals Secure user Browser Activity using Hybrid Data Hiding Techniques

2020 ◽  
Vol 9 (1) ◽  
pp. 595-598
Keyword(s):  
Virtual Machine ◽  
Virtual Machines ◽  
Third Party ◽  
Web Browsers ◽  
Web Browser ◽  
C Language ◽  
Hybrid Data ◽  
Compare And Contrast ◽  
Private Browsing ◽  
The Web

Web browsers may delete some files but it doesn’t delete everything. The purpose of private browsing is for users to browse private mode just as a standard browsing session would, but without storing any data such as log-in credentials or browsing history upon exit. A secure framework to secure the web browser artefacts is proposed to fulfil the requirements. In order to compare and contrast the different methods of artefacts encryption, a hybrid method was introduced; Base64 + AES on the prototype. The test systems were created by utilising virtual machines. The prototype was developed using C# language in Microsoft Visual Studio application that runs on Windows. To provide countermeasures, this research proposes an implementation of a third-party privacy application, called PRINDOW, to improve security in hiding a user's browsing activity. Every browsing session is recorded and scanned using the prototype. This method allows only the base requirements to be installed on the virtual machine for each file with the cryptographic method. This framework could theoretically enhance current practises by making slight changes to the web browser's application structure.

scholarly journals Forensic analysis of private browsing mechanisms: Tracing internet activities

2021 ◽  
Vol 5 (1) ◽  
pp. 012-019
Author(s):  
Fayyad-Kazan Hasan ◽  
Kassem-Moussa Sondos ◽  
Hejase Hussin J ◽  
Hejase Ale J
Keyword(s):  
Forensic Analysis ◽  
Web Browser ◽  
Digital Devices ◽  
Private Browsing ◽  
Mode A

Forensic analysts are more than ever facing challenges upon conducting their deep investigative analysis on digital devices due to the technological progression. Of these are the difficulties present upon analyzing web browser artefacts as this became more complicated when web browser companies introduced private browsing mode, a feature aiming to protect users’ data upon opening a private browsing session, by leaving no traces of data on the local device used. Aiming to investigate whether the claims of web browser companies are true concerning the protection private browsing provides to the users and whether it really doesn’t leave any browsing data behind, the most popular desktop browsers in Windows were analyzed after surfing them regularly and privately. The results shown in this paper suggest that the privacy provided varies among different companies since evidence might be recovered from some of the browsers but not from others.

scholarly journals Browsers’ Private Mode: Is It What We Were Promised?

Computers ◽  
2021 ◽  
Vol 10 (12) ◽  
pp. 165
Author(s):  
Kris Hughes ◽  
Pavlos Papadopoulos ◽  
Nikolaos Pitropakis ◽  
Adrian Smales ◽  
Jawad Ahmad ◽  
...  
Keyword(s):  
Random Access ◽  
Forensic Analysis ◽  
Test Cases ◽  
Sensitive Information ◽  
Web Browsers ◽  
Hard Disks ◽  
Access Memory ◽  
Web Browser ◽  
Left Behind ◽  
Search History

Web browsers are one of the most used applications on every computational device in our days. Hence, they play a pivotal role in any forensic investigation and help determine if nefarious or suspicious activity has occurred on that device. Our study investigates the usage of private mode and browsing artefacts within four prevalent web browsers and is focused on analyzing both hard disk and random access memory. Forensic analysis on the target device showed that using private mode matched each of the web browser vendors’ claims, such as that browsing activity, search history, cookies and temporary files that are not saved in the device’s hard disks. However, in volatile memory analysis, a majority of artefacts within the test cases were retrieved. Hence, a malicious actor performing a similar approach could potentially retrieve sensitive information left behind on the device without the user’s consent.

Sign in / Sign up

Export Citation Format

Share Document