7,631 research outputs found
Privacy Preserving Internet Browsers: Forensic Analysis of Browzar
With the advance of technology, Criminal Justice agencies are being
confronted with an increased need to investigate crimes perpetuated partially
or entirely over the Internet. These types of crime are known as cybercrimes.
In order to conceal illegal online activity, criminals often use private
browsing features or browsers designed to provide total browsing privacy. The
use of private browsing is a common challenge faced in for example child
exploitation investigations, which usually originate on the Internet. Although
private browsing features are not designed specifically for criminal activity,
they have become a valuable tool for criminals looking to conceal their online
activity. As such, Technological Crime units often focus their forensic
analysis on thoroughly examining the web history on a computer. Private
browsing features and browsers often require a more in-depth, post mortem
analysis. This often requires the use of multiple tools, as well as different
forensic approaches to uncover incriminating evidence. This evidence may be
required in a court of law, where analysts are often challenged both on their
findings and on the tools and approaches used to recover evidence. However,
there are very few research on evaluating of private browsing in terms of
privacy preserving as well as forensic acquisition and analysis of privacy
preserving internet browsers. Therefore in this chapter, we firstly review the
private mode of popular internet browsers. Next, we describe the forensic
acquisition and analysis of Browzar, a privacy preserving internet browser and
compare it with other popular internet browser
Procedures and tools for acquisition and analysis of volatile memory on android smartphones
Mobile phone forensics have become more prominent since mobile phones have become ubiquitous both for personal and business practice. Android smartphones show tremendous growth in the global market share. Many researchers and works show the procedures and techniques for the acquisition and analysis the non-volatile memory inmobile phones. On the other hand, the physical memory (RAM) on the smartphone might retain incriminating evidence that could be acquired and analysed by the examiner. This study reveals the proper procedure for acquiring the volatile memory inthe Android smartphone and discusses the use of Linux Memory Extraction (LiME) for dumping the volatile memory. The study also discusses the analysis process of the memory image with Volatility 2.3, especially how the application shows its capability analysis. Despite its advancement there are two major concerns for both applications. First, the examiners have to gain root privileges before executing LiME. Second, both applications have no generic solution or approach. On the other hand, currently there is no other tool or option that might give the same result as LiME and Volatility 2.3
A comparison of forensic evidence recovery techniques for a windows mobile smart phone
<p>Acquisition, decoding and presentation of information from mobile devices is complex and challenging. Device memory is usually integrated into the device, making isolation prior to recovery difficult. In addition, manufacturers have adopted a variety of file systems and formats complicating decoding and presentation.</p>
<p>A variety of tools and methods have been developed (both commercially and in the open source community) to assist mobile forensics investigators. However, it is unclear to
what extent these tools can present a complete view of the information held on a mobile device, or the extent the results produced by different tools are consistent.</p>
<p>This paper investigates what information held on a Windows Mobile smart phone can be recovered using several different approaches to acquisition and decoding. The paper demonstrates that no one technique recovers all information of potential forensic interest from a Windows Mobile device; and that in some cases the information recovered is
conflicting.</p>
Using smartphones as a proxy for forensic evidence contained in cloud storage services
Cloud storage services such as Dropbox, Box and SugarSync have been embraced by both individuals and organizations. This creates an environment that is potentially conducive to security breaches and malicious activities. The investigation of these cloud environments presents new challenges for the digital forensics community.
It is anticipated that smartphone devices will retain data from these storage services. Hence, this research presents a preliminary investigation into the residual artifacts created on an iOS and Android device that has accessed a cloud storage service. The contribution of this paper is twofold. First, it provides an initial assessment on the extent to which cloud storage data is stored on these client-side devices. This view acts as a proxy for data stored in the cloud. Secondly, it provides documentation on the artifacts that could be useful in a digital forensics investigation of cloud services
Security and computer forensics in web engineering education
The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security should be an integral part of a Web Engineering curriculum. One aspect of Computer forensics investigates failures in security. Hence, students should be aware of the issues in forensics and how to respond when security failures occur; collecting evidence is particularly difficult for Web-based applications
- …