Forensic analysis of web browsers lifecycle: A case study

IF 3.8 2区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Journal of Information Security and Applications Pub Date : 2024-08-13 DOI:10.1016/j.jisa.2024.103839
Ahmed Raza , Mehdi Hussain , Hasan Tahir , Muhammad Zeeshan , Muhammad Adil Raja , Ki-Hyun Jung
{"title":"Forensic analysis of web browsers lifecycle: A case study","authors":"Ahmed Raza ,&nbsp;Mehdi Hussain ,&nbsp;Hasan Tahir ,&nbsp;Muhammad Zeeshan ,&nbsp;Muhammad Adil Raja ,&nbsp;Ki-Hyun Jung","doi":"10.1016/j.jisa.2024.103839","DOIUrl":null,"url":null,"abstract":"<div><p>The widespread integration of the internet into daily life across sectors such as healthcare, education, business, and entertainment has led to an increasing dependence on web applications. However, inherent technological vulnerabilities attract cybercriminals, necessitating robust security measures. While these security measures, including frequent updates/fixes to applications and operating systems, are essential, they also complicate forensic investigations. This research proposes a comprehensive approach to artifact identification and collection for examining browsing activities of Firefox, Chrome, and Edge on Windows 11. The methodology includes setting up and analyzing all stages of browser usage, such as installations, executions, uninstallations, and anomalous behaviors like crashes and restarts. Simulated cyber-criminal activities are used to collect artifacts at each stage, which are then analyzed using Windows 11 components such as the registry, memory, storage, and log locations. Experimental results reveal vulnerabilities, such as crashes, that can lead to the loss of sensitive information. This methodology provides a promising foundation for advancing browser forensic analysis and enhancing cybercrime investigations.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103839"},"PeriodicalIF":3.8000,"publicationDate":"2024-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624001418","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

The widespread integration of the internet into daily life across sectors such as healthcare, education, business, and entertainment has led to an increasing dependence on web applications. However, inherent technological vulnerabilities attract cybercriminals, necessitating robust security measures. While these security measures, including frequent updates/fixes to applications and operating systems, are essential, they also complicate forensic investigations. This research proposes a comprehensive approach to artifact identification and collection for examining browsing activities of Firefox, Chrome, and Edge on Windows 11. The methodology includes setting up and analyzing all stages of browser usage, such as installations, executions, uninstallations, and anomalous behaviors like crashes and restarts. Simulated cyber-criminal activities are used to collect artifacts at each stage, which are then analyzed using Windows 11 components such as the registry, memory, storage, and log locations. Experimental results reveal vulnerabilities, such as crashes, that can lead to the loss of sensitive information. This methodology provides a promising foundation for advancing browser forensic analysis and enhancing cybercrime investigations.

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
网络浏览器生命周期的取证分析:案例研究
互联网广泛融入医疗、教育、商业和娱乐等各行各业的日常生活,导致人们越来越依赖网络应用程序。然而,固有的技术漏洞吸引着网络犯罪分子,因此必须采取强有力的安全措施。虽然这些安全措施(包括对应用程序和操作系统的频繁更新/修复)是必不可少的,但它们也使取证调查变得复杂。本研究提出了一种全面的人工制品识别和收集方法,用于检查 Windows 11 上 Firefox、Chrome 浏览器和 Edge 浏览活动。该方法包括设置和分析浏览器使用的所有阶段,如安装、执行、卸载以及崩溃和重启等异常行为。模拟网络犯罪活动用于收集每个阶段的工件,然后使用注册表、内存、存储和日志位置等 Windows 11 组件对这些工件进行分析。实验结果揭示了可能导致敏感信息丢失的崩溃等漏洞。这种方法为推进浏览器取证分析和加强网络犯罪调查奠定了良好的基础。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Journal of Information Security and Applications
Journal of Information Security and Applications Computer Science-Computer Networks and Communications
CiteScore
10.90
自引率
5.40%
发文量
206
审稿时长
56 days
期刊介绍: Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.
期刊最新文献
Multi-ciphertext equality test heterogeneous signcryption scheme based on location privacy Towards an intelligent and automatic irrigation system based on internet of things with authentication feature in VANET A novel blockchain-based anonymous roaming authentication scheme for VANET Efficient quantum algorithms to break group ring cryptosystems IDPriU: A two-party ID-private data union protocol for privacy-preserving machine learning
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1