Paligu Furkan, Kumar Avinash, Cho Hyuk, Varol Cihan
Department of Computer Science, Sam Houston State University, 1903 Ave I, Huntsville, TX, 77341, USA.
J Forensic Sci. 2019 Sep;64(5):1370-1378. doi: 10.1111/1556-4029.14043. Epub 2019 Mar 20.
As the Internet and World Wide Web have rapidly evolved and revolutionized the applications in everyday life, it is a demanding challenge for investigators to keep up with the emerging technologies for forensic analyses. Investigating web browser usages for criminal activities, also known as web browser forensics, is a significant part of digital forensics as crucial browsing information of the suspect can be discovered. Particularly, in this study, an emerging web storage technology, called IndexedDB, is examined. Characteristics of IndexedDB technology in five major web browsers under three major operating systems are scrutinized. Also, top 15 US websites ranked by Alexa are investigated for their data storage in IndexedDB. User screen names, ids, and records of conversations, permissions, and image locations are some of the data found in IndexedDB. Furthermore, BrowStEx, a proof-of-concept tool previously developed, is extended and cultivated into BrowStExPlus, with which aggregating IndexedDB artifacts is demonstrated.
随着互联网和万维网迅速发展并彻底改变了日常生活中的应用,对于研究人员来说,跟上用于法医分析的新兴技术是一项艰巨的挑战。调查用于犯罪活动的网络浏览器使用情况,也称为网络浏览器取证,是数字取证的重要组成部分,因为可以发现嫌疑人的关键浏览信息。特别是,在本研究中,对一种名为IndexedDB的新兴网络存储技术进行了研究。仔细审查了三大操作系统下五大网络浏览器中IndexedDB技术的特性。此外,还调查了Alexa排名前15的美国网站在IndexedDB中的数据存储情况。用户屏幕名称、ID以及对话记录、权限和图像位置是在IndexedDB中发现的一些数据。此外,之前开发的概念验证工具BrowStEx被扩展并发展为BrowStExPlus,通过它展示了聚合IndexedDB工件的过程。
