scholarly journals Forensic analysis of private browsing mechanisms: Tracing internet activities

2021 ◽  
Vol 5 (1) ◽  
pp. 012-019
Author(s):  
Fayyad-Kazan Hasan ◽  
Kassem-Moussa Sondos ◽  
Hejase Hussin J ◽  
Hejase Ale J
Keyword(s):  
Forensic Analysis ◽  
Web Browser ◽  
Digital Devices ◽  
Private Browsing ◽  
Mode A

Forensic analysts are more than ever facing challenges upon conducting their deep investigative analysis on digital devices due to the technological progression. Of these are the difficulties present upon analyzing web browser artefacts as this became more complicated when web browser companies introduced private browsing mode, a feature aiming to protect users’ data upon opening a private browsing session, by leaving no traces of data on the local device used. Aiming to investigate whether the claims of web browser companies are true concerning the protection private browsing provides to the users and whether it really doesn’t leave any browsing data behind, the most popular desktop browsers in Windows were analyzed after surfing them regularly and privately. The results shown in this paper suggest that the privacy provided varies among different companies since evidence might be recovered from some of the browsers but not from others.

scholarly journals Web browsers forensic analysis reviewWeb tarayıcılarda adli analiz incelemesi

2015 ◽  
Vol 12 (2) ◽  
pp. 757 ◽  
Author(s):  
Erkan Baran ◽  
Huseyin Çakır ◽  
Çelebi Uluyol
Keyword(s):  
Web Applications ◽  
File Systems ◽  
Forensic Analysis ◽  
Web Browsers ◽  
Web Browser ◽  
Mode Effects ◽  
The World

<p>Nowadays, web browser tools are seen ıntensıvely durıng the usage of web applıcatıons. Because of that, browsers provıdes ınfrastructure of a largo majorıty of crımes. Because guılty or suspect can use the browsers to collect ınformatıons, to hıde hıs crıme, learn new crımınal methods or to apply they have learned. In thıs study, ıt ıs also seeked answers of how a process can be monıtored on the computers whıch are used on browsers, ın whıch fıles whıch datas are looked and when and whıch sıtes are accessed. Accordıng to research of W3counter web stats tool, Chrome Web browser, whıch has %43 persentage of across the world ın usage, ıs proses as the most demanded browser ın thıs study by users, and ıt ıs scented out ın thıs browser's related fıles. In these days, ''hıdden mode'' whıch take part ın vast majorıty of browsers ıs also examıned. Thıs feature of the browser, whıch ıs receıved reference, ıs tracked by testıng and ıs sought data ın RAM memory and fıle systems. Thus, '' hıdden mode'' effects are dıscussed ın provıdıng studıes about suspect or crımınal posıtıon people, what kınd of data can be obtaıned ın usıng '' hıdden mode” ıs revealed.</p><p> </p><p><strong>Özet</strong></p><p>Günümüzde internet uygulamalarının kullanımı sırasında web tarayıcı araçlarının yoğun bir şekilde kullanımı görülmektedir. Bu nedenle tarayıcılar, işlenen suçların büyük bir çoğunluğuna altyapı sağlar. Çünkü suçlu ya da şüpheli, tarayıcıları bilgi toplamak, suçunu gizlemek, yeni suç metotları öğrenmek ya da öğrendiklerini uygulamak için kullanabilir.  Bu çalışmada da tarayıcıların kullanıldığı bilgisayarlar üzerinde bırakılan izlerin tespitinde nasıl bir süreç izlenebileceği, hangi dosyalarda hangi verilere bakılabileceği ve ne zaman hangi sitelere erişim sağlandığı gibi çeşitli sorulara cevaplar aranmaktadır. w3counter adlı internet istatistik aracının yaptığı araştırmaya göre, dünya genelinde %43'lük bir kullanım alanına sahip olan Chrome web tarayıcısı, kullanıcılar tarafından en çok talep gören tarayıcı olarak bu araştırma içinde referans alınmaktadır ve bu tarayıcıya ait ilgili dosyalarda izler sürülmektedir. Ayrıca günümüz tarayıcıların büyük bir çoğunluğunda yer alan “<strong>gizli mod</strong>” özelliği incelenmektedir.  Referans alınan tarayıcının bu özelliği test edilerek iz sürülmekte, dosya  sistemlerinde ve RAM bellekte veri aranmaktadır.Böylelikle “gizli mod” kullanımında ne tür veriler elde edilebileceği ortaya konarak şüpheli ya da suçlu konumundaki kişilere ait delillendirme çalışmalarında “gizli mod” kullanımının etkileri tartışılmaktadır. </p>

scholarly journals Keyword Indexing And Searching Tool (KIST): A Tool to Assist the Forensics Analysis of WhatsApp Chat

2020 ◽  
Vol 6 (1) ◽  
pp. 23
Author(s):  
Syafiqah Hanisah Shahrol Nizam ◽  
Nurul Hidayah Ab Rahman ◽  
Niken Dwi Wahyu Cahyani
Keyword(s):  
Mobile Phones ◽  
Digital Forensics ◽  
Forensic Analysis ◽  
User Testing ◽  
Analysis Software ◽  
Digital Devices ◽  
Analysis Tools ◽  
Private And Public ◽  
Public Sectors ◽  
Keyword Searching

Digital forensics is a field that concerned with finding and presenting evidence sourced from digital devices, such as computers and mobile phones. Most of the forensic analysis software is proprietary, and eventually, specialized analysis software is developed in both the private and public sectors. This paper presents an alternative of forensic analysis tools for digital forensics, which specifically to analyze evidence through keyword indexing and searching. Keyword Indexing and Searching Tool (KIST) is proposed to analyze evidence of interest from WhatsApp chat text files using keyword searching techniques and based on incident types. The tool was developed by adopting the Prototyping model as its methodology. KIST includes modules such as add, edit, remove, display the indexed files, and to add WhatsApp chat text files. Subsequently, the tool is tested using functionality testing and user testing. Functionality testing shows all key functions are working as intended, while users testing indicates the majority of respondents are agree that the tool is able to index and search keyword and display forensic analysis results.

scholarly journals Secure user Browser Activity using Hybrid Data Hiding Techniques

2020 ◽  
Vol 9 (1) ◽  
pp. 595-598
Keyword(s):  
Virtual Machine ◽  
Virtual Machines ◽  
Third Party ◽  
Web Browsers ◽  
Web Browser ◽  
C Language ◽  
Hybrid Data ◽  
Compare And Contrast ◽  
Private Browsing ◽  
The Web

Web browsers may delete some files but it doesn’t delete everything. The purpose of private browsing is for users to browse private mode just as a standard browsing session would, but without storing any data such as log-in credentials or browsing history upon exit. A secure framework to secure the web browser artefacts is proposed to fulfil the requirements. In order to compare and contrast the different methods of artefacts encryption, a hybrid method was introduced; Base64 + AES on the prototype. The test systems were created by utilising virtual machines. The prototype was developed using C# language in Microsoft Visual Studio application that runs on Windows. To provide countermeasures, this research proposes an implementation of a third-party privacy application, called PRINDOW, to improve security in hiding a user's browsing activity. Every browsing session is recorded and scanned using the prototype. This method allows only the base requirements to be installed on the virtual machine for each file with the cryptographic method. This framework could theoretically enhance current practises by making slight changes to the web browser's application structure.

scholarly journals Effective resource management in digital forensics

2019 ◽  
Vol 43 (1) ◽  
pp. 77-90 ◽  
Author(s):  
Dana Wilson-Kovacs
Keyword(s):  
Police Officers ◽  
Digital Forensics ◽  
Methodological Approach ◽  
Forensic Analysis ◽  
Careful Consideration ◽  
Systematic Evaluation ◽  
Structured Interviews ◽  
Content Type ◽  
Digital Devices ◽  
Police Forces

Purpose Building on the findings of a British Academy-funded project on the development of digital forensics (DF) in England and Wales, the purpose of this paper is to explore how triage, a process that helps prioritise digital devices for in-depth forensic analysis, is experienced by DF examiners and police officers in four English police forces. It is argued that while as a strategy triage can address the increasing demand in the examination of digital exhibits, careful consideration needs to be paid to the ways in which its set-up, undertaking and outcomes impact on the ability of law enforcement agencies to solve cases. Design/methodology/approach The methodological approach adopted here builds on the ethnographic turn in criminology. The analysis draws on 120 h of ethnographic observations and 43 semi-structured interviews. Observational data of the working DF environment at each location and a systematic evaluation of internal documents, organisational settings and police priorities helped refine emergent analysis threads, which were analytically compared between sites and against the testimonies of members of different occupational groups to identify similarities and differences between accounts. Findings The findings emphasise the challenges in the triage of digital exhibits as they are encountered in everyday practice. The discussion focusses on the tensions between the delivery of timely and accurate investigation results and current gaps in the infrastructural arrangements. It also emphasises the need to provide police officers with a baseline understanding of the role of DF and the importance of clearly defined strategies in the examination of digital devices. Originality/value This paper aims to bridge policy and practice through an analysis of the ways in which DF practitioners and police officers in four English constabularies reflect on the uses of triage in DF to address backlogs and investigative demands. Highlighting the importance of digital awareness beyond the technical remit of DF units, it offers new insights into the ways in which police forces seek to improve the evidential trail with limited resources.

scholarly journals Private Browsing Forensic Analysis: A Case Study of Privacy Preservation in the Brave Browser

2020 ◽  
Vol 13 (6) ◽  
pp. 294-306
Author(s):  
Ahmed Mahlous ◽  
◽  
Houssam Mahlous ◽  
Keyword(s):  
Privacy Preservation ◽  
Forensic Analysis ◽  
The Internet ◽  
Web Browsers ◽  
Unique Approach ◽  
Illegal Activities ◽  
Keyword Searches ◽  
Cover Up ◽  
Private Browsing

The Internet and its users are in continual growth. With it grows the number of organized crimes on the Internet and the potential for individuals to carry out illegal activities. These criminals have gained more awareness of private browsing facilities, and many have found a haven in privacy designed browsers that cover up their tracks and shield their nefarious actions. The development of these privacy features has proven to be a challenge for digital forensic investigators. They strive to perform a thorough analysis of web browsers to collect artefacts relating to illegal activity to be presented as evidence to the court of law and used to convict criminals. “Brave” browser is one of the most recent and fastest-growing private browsers that, up to this point, has not been studied in-depth, and its privacy preservation functionality remains unclear. In this paper, we studied Brave’s private browsing mode, examined its privacy-preserving and forensic data acquisition, and outlined the location and type of evidence available through live and post-mortem state analysis. The unique approach taken included a set of experiments that unveiled how the browser functions and showed the appropriate tools that could be utilized to extract leftover artefacts. Analysis of our results showed that despite Brave leaving no traces of browsing activity on the Hard Disk, visited URLs, images, keyword searches, and even cached videos were retrievable from the RAM, which shows that Brave is not entirely private.

Sign in / Sign up

Export Citation Format

Share Document