Privacy Preserving Internet Browsers: Forensic Analysis of Browzar
With the advance of technology, Criminal Justice agencies are being confronted with an increased need to investigate cybercrimes perpetrated partially or entirely over the Internet. In order to conceal illegal online activity, criminals often use private browsing features or browsers designed to provide complete private browsing. The use of private browsing is a common challenge faced in, for example, child exploitation investigations, which usually originate on the Internet. Although private browsing features are not designed specifically for criminal activity, they have become a valuable tool for criminals looking to conceal their online activity. Private browsing features and browsers often require a more in-depth, post-mortem analysis. This often requires the use of multiple tools, as well as different forensic approaches to uncover incriminating evidence. This evidence may be required in a court of law, where analysts are often challenged both on their findings and on the tools and approaches used to recover evidence. However, there are very few research studies on forensic acquisition and analysis of privacy preserving Internet browsers. Therefore in this chapter, we firstly review the private mode of popular Internet browsers. Next, we describe the forensic acquisition and analysis of Browzar, a privacy preserving Internet browser.
KeywordsPrivacy browser forensics Browzar Internet browser Forensic acquisition and analysis Live data forensics Post-mortem forensics
- 1.Acar, G., Eubank, C., Englehardt, S., Juarez, M., Narayanan, A., & Diaz, C. (2014, November). The web never forgets: Persistent tracking mechanisms in the wild. In Proceedings of CCS 2014.Google Scholar
- 2.Aggarwal, G., Bursztein, E., Jackson, C., & Boneh, D. (2010). An analysis of private browsing modes in modern browsers. In Proceedings of the 19th USENIX security symposium, USENIX Association.Google Scholar
- 6.Europol. (2016). Europol identifies 3600 organised crime groups active in the EU. Available via https://www.europol.europa.eu/content/europol-identifies-3600-organised-crime-groups-active-eu-europol-report-warns-new-breed-crim. Accessed 10 December 2016.
- 8.Faheem, M., Kechadi, M. T., Le-Khac, N. A.. (2016). Toward a new mobile cloud forensic framework. In 6th IEEE International Conference on Innovative Computing Technology, Ireland.Google Scholar
- 10.Ghafarian, A. (2016, May). Forensics analysis of privacy of portable web browsers. In ADFSL Conference on Digital Forensics, Security and Law, Daytona Beach, Florida.Google Scholar
- 11.Hedberg, A. (2013). The privacy of private browsing (Technical Report). Available via http://www.cs.tufts.edu/comp/116/archive/fall2013/ahedberg.pdf. Accessed December 2016.
- 12.Interpol. (2016). Cybercrime. Available via http://www.interpol.int/Crime-areas/Cybercrime/Cybercrime. Accessed 30 November 2016.
- 13.Jones, K., & Rohyt, B. (2005). Web browser forensic. Security Focus. Available via http://www.securityfocus.com/infocus/1827. Accessed 10 December 2016.
- 14.Jones, K. J. (2003). Forensic analysis of internet explorer activity files. Foundstone. Available via http://www.foundstone.com/us/pdf/wp_index_dat.pdf. Accessed 15 January 2017.
- 15.Juarez, M., Imani, M., Perry, M., Diaz, C., & Wright, M. (2016). Toward an efficient website fingerprinting defense. In I. Askoxylakis, S. Ioannidis, S. Katsikas, & C. Meadows (Eds.), Computer Security – ESORICS 2016. ESORICS 2016, Lecture notes in computer science (Vol. 9878). Cham: Springer.Google Scholar
- 16.Junghoon, O., Seungbong, L., & Sangjin, L. (2011, August 1–3). Advanced evidence collection and analysis of web browser activity. In The digital forensic research conference, Los Angeles.Google Scholar
- 17.Khanikekar, S. K. (2010). Web forensics. Graduate thesis, A&M University, Texas.Google Scholar
- 18.Le Khac, NA, Bue, M., Whelan, M., & Kechadi, M. T. (2010, November). A cluster-based data reduction for very large spatio-temporal datasets. In International conference on advanced data mining and applications, China.Google Scholar
- 19.Le-Khac, N. A., Markos, S., O’Neill, M., Brabazon, A., & Kechadi, M. T. (2009, July). An efficient search tool for an anti-money laundering application of an multi-national bank’s dataset. In CESRA Press (Eds.), 2009 International conference on Information and Knowledge Engineering (IKE’09), Las Vegas, USA.Google Scholar
- 23.Techdirt. (2016). According to the government, clearing your browser history is a felony. Available via https://www.techdirt.com/articles/20150606/16191831259/according-to-government-clearing-your-browser-history-is-felony.shtml. Accessed December 2016.
- 24.Voorst, R. V., Kechadi, T., & Le-Khac, N. A. (2015). Forensics acquisition of Imvu: A case study. Journal of Association of Digital Forensics, Security and Law, 10(4), 69–78.Google Scholar