Forensics Analysis of TOR Browser

Kumar, Adarsh; Sondarva, Kumar; Gohil, Bhavesh N.; Patel, Sankita J.; Shah, Ramya; Rajvansh, Sarang; Sanghvi, H. P.

doi:10.1007/978-981-99-5091-1_24

Adarsh Kumar⁴⁰,
Kumar Sondarva⁴⁰,
Bhavesh N. Gohil⁴⁰,
Sankita J. Patel⁴⁰,
Ramya Shah⁴¹,
Sarang Rajvansh⁴¹ &
…
H. P. Sanghvi⁴²

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 1075))

Included in the following conference series:

International Conference on Information Security, Privacy and Digital Forensics

140 Accesses

Abstract

The Onion Router is a web browser that uses the Tor network to anonymize web traffic by making it simple to conceal one’s identity on social media. It uses the onion routing technology to access the multiple-level encrypted, Internet-impossible private mode. These features are being abused to engage in a variety of criminal activities, including cyber terrorism and the black market. The TOR erases all browsing history and other network traces, making it impossible for investigators to gather evidence. This study extracts and examines any potential artifacts that the TOR browser may have produced in local system files and memory dumps.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 149.00; Price excludes VAT (USA)

Hardcover Book: USD 199.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Sajan PP, Balan C, Priya MJD, Sreedeep AL (2021) Tor browser forensics. Turkish J Comput Math Educ 12(11):5599–5608
Google Scholar
Mulr M, Lelmich P, Buchanan WJ (2019) A forensic audit of the tor browser bundle. Digital Investig, Research Gate
Google Scholar
Darcie W, Boggs RJ, Sammons J, Fenger T (2014) Online anonymity: forensic analysis of the tor browser bundle. Technical Report, pp 1–34
Google Scholar
Dingledine R, Mathewson N, Syverson P (2004) Tor: the second-generation onion router. Technical report, Naval Research Lab, Washington, DC
Google Scholar
Chivers H (2014) Private browsing, a window of forensic opportunity. Digital Invest 11:20–29
Google Scholar
Goldschlag DM, Reed MG, Syverson PF (1996) Hiding routing information. In: International workshop on information hiding, Springer, pp 137–150
Google Scholar
Huang MJC, Wan YL et al (2018) Tor browser forensics in exploring invisible evidence. In: 2018 IEEE international conference on systems, man, and cybernetics
Google Scholar
Arshad MR, Hussain M, Tahir H, Qadir S, Memon FIA, Javed Y (2021) Forensic analysis of tor browser on windows 10 and android 10 operating systems
Google Scholar
Ghafarian A, Seno S (2015) Analysis of privacy of private browsing mode through memory forensics. Int J Comput Appl 132
Google Scholar
Dave R, Mistry NR, Dahiya MS (2014) Volatile memory based forensic artifacts and analysis. Int J Res Appl Sci Eng Technol 2(1):120–124
Google Scholar
Dayalamurthy D (2013) Forensic memory dump analysis and recovery of the artifacts of using tor bundle browser the need
Google Scholar

Download references

Author information

Authors and Affiliations

Computer Engineering Department, Sardar Vallabhbhai National Institute of Technology, Surat, 395-007, Gujarat, India
Adarsh Kumar, Kumar Sondarva, Bhavesh N. Gohil & Sankita J. Patel
School of Cyber Security and Digital Forensics, National Forensic Sciences University, Gandhinagar, 382007, Gujarat, India
Ramya Shah & Sarang Rajvansh
Directorate of Forensic Science, Gandhinagar, Gujarat, India
H. P. Sanghvi

Authors

Adarsh Kumar
View author publications
You can also search for this author in PubMed Google Scholar
Kumar Sondarva
View author publications
You can also search for this author in PubMed Google Scholar
Bhavesh N. Gohil
View author publications
You can also search for this author in PubMed Google Scholar
Sankita J. Patel
View author publications
You can also search for this author in PubMed Google Scholar
Ramya Shah
View author publications
You can also search for this author in PubMed Google Scholar
Sarang Rajvansh
View author publications
You can also search for this author in PubMed Google Scholar
H. P. Sanghvi
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Adarsh Kumar .

Editor information

Editors and Affiliations

Department of Computer Science and Engineering, Sardar Vallabhbhai National Institute of Technology, Surat, India
Sankita J. Patel
School of Cyber Security and Digital Forensics, National Forensic Sciences University, Gujarat, India
Naveen Kumar Chaudhary
Department of Computer Science and Engineering, Sardar Vallabhbhai National Institute of Technology, Surat, India
Bhavesh N. Gohil
Florida International University, Miami, FL, USA
S. S. Iyengar

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kumar, A. et al. (2024). Forensics Analysis of TOR Browser. In: Patel, S.J., Chaudhary, N.K., Gohil, B.N., Iyengar, S.S. (eds) Information Security, Privacy and Digital Forensics. ICISPD 2022. Lecture Notes in Electrical Engineering, vol 1075. Springer, Singapore. https://doi.org/10.1007/978-981-99-5091-1_24

Download citation

DOI: https://doi.org/10.1007/978-981-99-5091-1_24
Published: 02 November 2023
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-5090-4
Online ISBN: 978-981-99-5091-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics