Abstract
Desktop search applications have improved dramatically over the last three years, evolving from time-consuming search applications to instantaneous search tools that rely extensively on pre-cached data. This paper investigates the extraction of pre-cached data for forensic purposes, drawing on earlier work to automate the process. The result is a proof-of-concept application called Google Desktop Search Evidence Collector (GDSEC), which interfaces with Google Desktop Search to convert data from Google’s proprietary format to one that is amenable to offline analysis.
Chapter PDF
Similar content being viewed by others
References
B. Cole, Search engines tackle the desktop, IEEE Computer, vol. 38(3), pp. 14-17, 2005.
Electronic Frontier Foundation, Google copies your hard drive - Government smiles in anticipation (www.eff.org/press/archives/2006/02/09), February 9, 2006.
T. Espiner, Google admits Desktop security risk, ZDNet UK (news .zdnet.co.uk/internet/security/0,1000000189,39253447,00.htm), February 20, 2006.
Google, Google Desktop (desktop.google.com).
S. Olsen, Google unveils Desktop Search, CNET News.com (www.news.com/2100-10243-5408765.html), October 14, 2004.
B. Posey, Working with NTFS encryption (www.brienposey.com/kb/working with ntfs encryption.asp), 2002.
R. Rivest, MD5 message-digest algorithm, RFC 1321 (www.ietf.org/rfc/rfc1321.txt), 1992.
T. Spring, Google Desktop Search: Security threat? PC World (blogs.pcworld.com/staffblog/archives/000264.html), 2004.
B. Turnbull, B. Blundell and J. Slay, Google Desktop as a source of digital evidence, International Journal of Digital Evidence, vol. 5(1),2006.
X1 Technologies, X1 Desktop Search (pro.x1.com/?source=Yahoo).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Pavlic, T., Slay, J., Turnbull, B. (2008). Extracting Evidence Using Google Desktop Search. In: Ray, I., Shenoi, S. (eds) Advances in Digital Forensics IV. DigitalForensics 2008. IFIP — The International Federation for Information Processing, vol 285. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-84927-0_4
Download citation
DOI: https://doi.org/10.1007/978-0-387-84927-0_4
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-84926-3
Online ISBN: 978-0-387-84927-0
eBook Packages: Computer ScienceComputer Science (R0)