CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Forensics Evaluation of Privacy of Portable Web Browsers

by Ahmad Ghafarian, Seyed Amin Hosseini Seno
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 147 - Number 8
Year of Publication: 2016
Authors: Ahmad Ghafarian, Seyed Amin Hosseini Seno
10.5120/ijca2016911009

Ahmad Ghafarian, Seyed Amin Hosseini Seno . Forensics Evaluation of Privacy of Portable Web Browsers. International Journal of Computer Applications. 147, 8 ( Aug 2016), 5-11. DOI=10.5120/ijca2016911009

@article{ 10.5120/ijca2016911009,
author = { Ahmad Ghafarian, Seyed Amin Hosseini Seno },
title = { Forensics Evaluation of Privacy of Portable Web Browsers },
journal = { International Journal of Computer Applications },
issue_date = { Aug 2016 },
volume = { 147 },
number = { 8 },
month = { Aug },
year = { 2016 },
issn = { 0975-8887 },
pages = { 5-11 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume147/number8/25671-2016911009/ },
doi = { 10.5120/ijca2016911009 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:52:01.990967+05:30
%A Ahmad Ghafarian
%A Seyed Amin Hosseini Seno
%T Forensics Evaluation of Privacy of Portable Web Browsers
%J International Journal of Computer Applications
%@ 0975-8887
%V 147
%N 8
%P 5-11
%D 2016
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Browsers claim private mode browsing saves no data on the host machine. Most popular web browsers also offer portable versions of their browsers which can be launched from a removable device. When the removable device is removed, it is claimed that traces of browsing activities will be deleted and consequently private portable browsers offer better privacy. This makes the task of computer forensics investigators who try to reconstruct the past browsing history, in case of any computer incidence, more challenging. However, whether or not all data is deleted beyond forensic recovery is a moot point. This research examines privacy of popular private portable browsers, including Firefox, Chrome, Safari, and Opera through both static and volatile memory forensics. In static memory, we examine the content of registry, recent, cache, cookies and temp files. In volatile memory forensics, we analyze the content of live memory. Results of this experiment show that traces of web browsing activities can be found, even after removing the portable browser device.

References
  1. Choi, J. H., K.G. Lee, J. Park, C. Lee, and S. Lee. Analysis framework to detect artifacts of portable web browser: ITCF, Springer, pp. 207-214, (2012).
  2. Aggarwal, G., Bursztien, E., Jackson C., & Boneh, D. An analysis of private browsing modes in modern browsers. Proceedings of the 19th Usenix Security Symposium, pp. 1-15, (2012).
  3. Simon, M. and Slay, J. Enhancement of Forensics Computing Investigations through Memory Forensics Techniques. Proceedings of the International Conference on Availability, Reliability and Security, pp. 995-1000, (2009).
  4. Davis, N. Live memory forensics for Windows Operating Systems. Eastern Michigan University, IA 328, (2015). http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.173.6197&rep=rep1&type=pdf
  5. Oh, O., Lee, S., and Lee, S. Advanced evidence collection and analysis of web browser activity. Journal of digital investigation 8, pp. 62-70, (2011).
  6. Ohana, D.J. and Shashidhar, N. Do private and portable web browsers leave incriminating Evidence? A forensic analysis of residual artifacts from private and portable web browsing sessions. EURASIP J, on Inf. S. 201(6), pp. 1-13, (2013).
  7. Mozilla Firefox (2015). https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history?redirectlocale=en-US&redirectslug=Private+Browsing
  8. Google Chrome (2015). http://portableapps.com/apps/internet/google_chrome_portable
  9. Opera (2015). http://www.kejut.com/operaportable
  10. Apple safari (2015).http://safari.soft32.com/
  11. Marringhton, A., I. Baggili, T. AI Ismail, A. AI Kaf. Portable Web Browser Forensics: A forensic examination of the privacy benefits of portable web browsers. ICCSII, pp. 1-6, (2012).
  12. Adautin, E.D. and Meeran, N. Forensic Reconstruction and Analysis of Residual Artifacts from Portable Web Browse. International Journal of Computer Applications. Vol 128, No18, pp. 19-24, (2015).
  13. Flowers, C., Mansour, A. and Al-Khateeb, H.M. Web browser artefacts in private and portable modes: a forensic investigation’, Int. J. Electronic Security and Digital. Vol. 8, No. 2, pp.99–117, (2016).
  14. Dharan, D.G. and Meeran, N.A.R. Forensic Evidence Collection by Reconstruction of Artifacts in Portable Web Browser. International Journal of Computer Applications, Vol 91, No 4, pp. 32-35, (2014).
  15. Mahendrakar, A., Irving, J., and Patel, S. Forensic Analysis of Private Browsing Mode in Popular Browsers (2014). http://mocktest.net/paper.pdf
  16. Said, H., Mutawa, A.H., Awadhi, A.I., Guimaraes, M. Forensic analysis of private browsing artifacts. Proceedings of the International Conference on Innovations in Information Technology (IIT), (2011).
  17. Hejazi, S.M., Talhi, C. & Debbabi, M. Extraction of Forensically Sensitive Information from Windows Physical Memory. Digital Investigation, Elsevier publishing Co, 6, pp. 121-131., (2009).
  18. Satvat, K., Forshaw, M., Hao, F. and Toreini E. On the Privacy of Private Browsing – A Forensic approach. Journal of Information Security and Application, Vol 19, pp. 88-100, (2014).
  19. Amari, K.. Techniques and Tools for Recovering and Analyzing Data from Volatile Memory. SANS Institute InfoSec Reading Room, (2009).
  20. DaemonFS, (2015). http://sourceforge.net/projects/daemonfs/
  21. NirSoft. NirSoft Freeware Utilities, (2013) http://nirsoft.net.
  22. Paragon Disk Wiper, (2015). http://www.paragon-software.com/home/dw-professional/download.html
  23. PortableApps. (2013). http://portableapps.com/
  24. Mandiant Redline (2014). https://dl.mandiant.com/EE/library/Redline1.7_UserGuide.pdf
  25. WinHex (2015). http://www.x-ways.net/winhex/
  26. Suitche. DumpIt memory capture tool. (2015) http://www.moonsols.com/wp-content/uploads/downloads/2011/07/DumpIt.zip
Index Terms

Computer Science
Information Sciences

Keywords

Computer forensics tools RAM forensics volatile memory artifacts registry and private.

Powered by PhDFocusTM