Dushan Dissanayake, Sadeepa Rajakaruna, Dulana Ranasinghe, Ayesha Wijesooriya, A. Jayakody, S. Rajapaksha
{"title":"Platform Independent Browser Forensic Tool for Advanced Analysis of Artifacts and Case Management","authors":"Dushan Dissanayake, Sadeepa Rajakaruna, Dulana Ranasinghe, Ayesha Wijesooriya, A. Jayakody, S. Rajapaksha","doi":"10.1109/ICAC54203.2021.9671121","DOIUrl":null,"url":null,"abstract":"A web browser is a major attack vector which cyber-criminals utilize to land in an environment. The evidence related to the malicious browsing activities can be found in the host which gives valuable information related to the case. These digital footprints involve history, cookies, bookmarks, saved credentials and downloads etc. This paper presents a sophisticated tool aiding the conventional manual investigation process from evidence collection to the final v e rdict b y a u tomating h u man dependent functions, resulting a fast and unbiased analysis of browser forensic artifacts. This tool states its unique value over the existing tools by working operating systems independently, collecting all browsing evidence including deleted artifacts and encrypted saved credentials, automatically analysing the reputation of the extracted evidence, integrating evidence collected from different web browsers into a single timeline, and correlating the adjacent distrustful events inside and outside the host. Eventually, this tool calculates a browsing reputation scorecard and creates a profile for the host, condensing the findings g a thered t h roughout the investigation. The paper presents another important methodology to predict the future browsing reputation score based on the past browsing patterns. Furthermore, multiple cases management feature and dashboard provide a concise overview of overall findings to the forensic investigator.","PeriodicalId":227059,"journal":{"name":"2021 3rd International Conference on Advancements in Computing (ICAC)","volume":"88 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 3rd International Conference on Advancements in Computing (ICAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICAC54203.2021.9671121","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
A web browser is a major attack vector which cyber-criminals utilize to land in an environment. The evidence related to the malicious browsing activities can be found in the host which gives valuable information related to the case. These digital footprints involve history, cookies, bookmarks, saved credentials and downloads etc. This paper presents a sophisticated tool aiding the conventional manual investigation process from evidence collection to the final v e rdict b y a u tomating h u man dependent functions, resulting a fast and unbiased analysis of browser forensic artifacts. This tool states its unique value over the existing tools by working operating systems independently, collecting all browsing evidence including deleted artifacts and encrypted saved credentials, automatically analysing the reputation of the extracted evidence, integrating evidence collected from different web browsers into a single timeline, and correlating the adjacent distrustful events inside and outside the host. Eventually, this tool calculates a browsing reputation scorecard and creates a profile for the host, condensing the findings g a thered t h roughout the investigation. The paper presents another important methodology to predict the future browsing reputation score based on the past browsing patterns. Furthermore, multiple cases management feature and dashboard provide a concise overview of overall findings to the forensic investigator.