(3.239.33.139) 您好!臺灣時間:2021/03/07 23:06
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
: 
twitterline
研究生:林伯穎
研究生(外文):Bo-Ying Lin
論文名稱:在網頁瀏覽器鑑識下從被刪除的紀錄中回復使用者的行為
論文名稱(外文):Recovering User’s Activity from Deleted Log Files in Web Browser Forensics
指導教授:雷欽隆雷欽隆引用關係
指導教授(外文):Chin-Laung Lei
口試委員:郭斯彥顏嗣鈞
口試委員(外文):Sy-Yen KuoHsu-chun Yen
口試日期:2017-06-19
學位類別:碩士
校院名稱:國立臺灣大學
系所名稱:電機工程學研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2017
畢業學年度:105
語文別:英文
論文頁數:51
中文關鍵詞:數位鑑識數位證據網頁瀏覽器鑑識網頁瀏覽器分析網頁瀏覽器紀錄
外文關鍵詞:Digital forensicsDigital evidenceWeb browser forensicsWeb browser analysisWeb browser records
相關次數:
  • 被引用被引用:0
  • 點閱點閱:110
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
在現今網際網路發達的時代,網際網路成為每一個人每天的必備工具。而上網最方便的必備工具便是瀏覽器,因此瀏覽器也變成目前電腦設備中最常用的應用程式。在網路資料傳輸大量運用的同時,網路也變為一種幫助犯罪具。當使用者用瀏覽器時,他瀏覽的各項蹤跡也被記錄在硬碟裡,項目包括:歷史紀錄、搜尋項目、快取、cookies、下載列表、登入帳號和密碼、書籤等…,這些項目被 儲存在特定的資料夾檔案中,犯罪鑑識人員將可以進行取證成為重要的證據源,對於鑑識人員將有莫大的助益,但犯罪者可能刪除這些紀錄,將造成鑑識人員的挑戰。本篇論文將在Windows7 作業系統,Google Chrome 下對有用的瀏覽紀錄進行分析,且探討當非法者刪除瀏覽紀錄時,回復其行為的方法,並提出一個新的模型解決瀏覽紀錄被刪除的問題。提出的模型使用免費簡單的工具,但可以達到好的回復紀錄結果。
In today''s era of International Network vigorous development, Internet become an essential tool for every person every day. The most convenient tool for surfing the Internet is the browser, so most used applications by the majority of user of computer are also web browsers. In the large number of network data transmission at the same time, the network has also become a way to help crime. When users use browser, the traces of their browsing are also recorded in the hard drive including history, searching key, cache, cookies, download list, login information, bookmarks etc. These items are stored
specified log files of folders, and forensic investigators will be able to obtain evidence as an important source of evidence. This will have a great help for forensic investigators. However, that suspects may delete theses records will cause a large challenge for forensic investigators. In the paper, we analyze useful browsing records for Google Chrome on Windows7, and explore how to recover illegal activity when an illegal person deletes a browsing history. We propose a novel methodology to solve the problem that the browsing history is deleted. The methodology uses simple and free forensics tool, but can achieve good result to recover browsing records.
口試委員審定書...........................................#
致謝....................................................i
中文摘要................................................ii
Abstract..............................................iii
Contents...............................................iv
List of Figures........................................vi
List of Table........................................viii
Chapter 1 Introduction..................................1
Chapter 2 Web Browser Forensics.........................3
Chapter 3 Background Technique..........................6
3.1 Records on Google Chrome.........................6
3.1.1 History......................................6
3.1.2 Download List................................7
3.1.3 Cache........................................8
3.1.4 Cookies.....................................10
3.1.5 Login Data..................................12
3.1.6 Bookmark....................................13
3.2 Web Browser Forensic Tools......................15
3.2.1 WEFA(Web Browser Forensic Analyzer) ........15
3.2.2 Chromensics.................................18
3.2.3 AccessData FTK imager.......................20
Chapter 4 Proposed Methodology.........................22
Chapter 5 Experiments and result.......................27
5.1 Result of Scenario 1...........................36
5.2 Result of Scenario 2...........................39
5.3 Result of Scenario 3...........................42
5.4 Result of Scenario 4...........................43
Chapter 6 Discussion.................................. 45
Chapter 7 Conclusion...................................48
References.............................................50
[1] B. Jain and R. Kumar, “Web Browser as a Forensic Computing Tool,” The IUP Journal of Information Technology, Sep. 2007.
[2] Z. Nagy. (2012). Using Forensic Techniques for Internet Activity Reconstruction [Online]. Available:
http://www.wseas.us/e-library/conferences/2012/Kos/COMCOM/COMCOM-40.pdf
[3] A. Nalawade; S. Bharne; V. Mane, “Forensic Analysis and Evidence Collection for Web Browser Activity,” in Proc. IEEE International Conf. ICACDOT, Pune, INDIA, 2016, pp. 518 – 522.
[4] P. Anuradha; T. R. Kumar; N. V. Sobhana, “Recovering deleted browsing artifacts from web browser log files in Linux environment,” in Proc. IEEE Sym. Conf. CDAN, 2016, pp. 1 – 4.
[5] G. Aggarwal; E. Bursztein; C. Jackson; D. Boneh, “An Analysis of Private Browsing Modes in Modern Browsers,” in Proc. 19th USENIX Conf. Security, Aug. 2010, pp. 6-6.
[6] D. J. Ohana; N. Shashidhar, “Do Private and Portable Web Browsers Leave Incriminating Evidence? A Forensic Analysis of Residual Artifacts from Private and Portable Web Browsing Sessions,” in Proc. IEEE Security and Privacy Workshops, 2013, pp. 135 – 142.
[7] H. Said; N. A. Mutawa; I. A. Awadhi; M. Guimaraes, “Forensic analysis of private browsing artifacts,” in Proc. IEEE International Conf. INNOVATIONS, 2011, pp. 197– 202.
[8] Divyesh Dharan G D and Nagoor Meeran A R, “Forensic Evidence Collection by Reconstruction of Artifacts in Portable Web Browser,” International Journal of Computer Applications, vol. 91, no. 4, pp. 32-35, Apr. 2014.
[9] K. Satvat, M. Forshaw, F. Hao and E. Toreini, “On the Privacy of Private Browsing - A Forensic Approach,” Journal of Information Security and Applications, vol. 19, no. 1, pp. 88-100, Feb. 2014.
[10] A. Marrington; I. Baggili; T. A. Ismail; A. A. Kaf, “Portable web browser forensics: A forensic examination of the privacy benefits of portable web browsers,” in Proc. IEEE International Conf. ICCSII, 2012, pp. 1 – 6.
[11] C. Flowers, A. Mansour and H. M. Al-Khateeb, “Web browser artefacts in private and portable modes: a forensic investigation,” International Journal of Electronic Security and Digital Forensics archive, vol. 8, no. 2, pp. 99-117 , Mar. 2016.
[12] E. S. Noorulla. (2014, Jun. 30). Web Browser Private Mode Forensics Analysis
[Online]. Available: http://scholarworks.rit.edu/theses/8451
[13] N. Shafqat, “Forensic Investigation of User''s Web Activity on Google Chrome using various Forensic Tools,” International Journal of Computer Science and Network Security, vol. 16, no. 9, pp. 123-132, Sep. 2016.
[14] E. Akbal1, F. Güneş and A. Akbal2. (2016, Mar. 12) Digital Forensic Analyses of Web Browser Records [Online]. Available: http://www.jsoftware.us/vol11/170-CS019.pdf
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
系統版面圖檔 系統版面圖檔