Analysis Framework to Detect Artifacts of Portable Web Browser

Choi, Jong-Hyun; Lee, Keun-gi; Park, Jungheum; Lee, Changhoon; Lee, Sangjin

doi:10.1007/978-94-007-5083-8_26

Jong-Hyun Choi⁵,
Keun-gi Lee⁵,
Jungheum Park⁵,
Changhoon Lee⁶ &
…
Sangjin Lee⁵

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 180))

1330 Accesses
6 Citations

Abstract

Portable web browser is a stand-alone web browser, which is designed to run on web pages and applications on an operating system independently. Portable web browsers store artifacts in the installed in the folder, while normal web browsers store artifacts in the user’s system. Therefore, portable web browsers are difficult to judge whether that users used portable web browsers. This paper describes whether that manufacturer support portable web browser and find out about the artifact path of portable web browsers. Then, we propose analysis framework to detect artifacts of portable web browsers through ‘UserAssist’ key value and prefetch file and explain the each module of framework.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 129.00; Price excludes VAT (USA)

Softcover Book: USD 169.99; Price excludes VAT (USA)

Hardcover Book: USD 169.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Jones, K.J.: Forensic Analysis of Internet Explorer Activity Files, http://www.mcafee.com/us/resources/white-papers/foundstone/wp-pasco.pdf (accessed May 31)
Pereira, M.T.: Forensic analysis of the Firefox3Internethistory and recovery of deleted SQLite records. Digital Investigation 5(3-4), 93–103 (2008-2009)
Google Scholar
Parsonage, H.: Web Browser session resotre forensic: Computer Forensics Miscellany, http://computerforensics.parsonage.co.uk/downloads/WebBrowserSessionRestoreForensics.pdf (accessed May 31)
Oh, J., Lee, S., Lee, S.: Advanced evidence collection and analysis of web browser activity. Digital Investigation 8(suppl.), S62–S70 (2011)
Article Google Scholar
Mooney, J.D.: Developing portable software, http://www.cs.colostate.edu/saxs/researchexam/DevelopingPortableSoftware.pdf
Portable application community, http://portableapps.com (accessed May 31)
Portable application community, http://www.portableturk.com (accessed May 31)
Accessdata Supplemental Appendix, http://accessdata.com (accessed May 31)
[MS-SHLLINK]: Shell Link(.LNK) Binary File Format, http://www.microsoft.com (accessed May 31)
Lim, J., Kim, K., Lee, S.: A Study of Windows Prefetch file from Point of View of Digital Forensic. In: CISC. Korea Institute of Information Security & Cryptography (2007)
Google Scholar
Carvey, H.: Tracking USB storage: Analysis of windows artifacts generated by USB storage devices. Digital Investigation 2(2), 94–100 (2005)
Article Google Scholar
Process monitor, http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx (accessed May 31)
UserAssist, http://blog.didierstevens.com/programs/userassist/ (accessed May 31)
REGA(Registry analyzer), http://forensic.korea.ac.kr/sub_tools/_tools_1.php (accessed May 31)

Download references

Author information

Authors and Affiliations

Center for Information Security Technologies, Korea University, Seoul, Korea
Jong-Hyun Choi, Keun-gi Lee, Jungheum Park & Sangjin Lee
Department of Computer Science and Engineering, Seoul National University of Science and Technology(SeoulTech), Seoul, Korea
Changhoon Lee

Authors

Jong-Hyun Choi
View author publications
You can also search for this author in PubMed Google Scholar
Keun-gi Lee
View author publications
You can also search for this author in PubMed Google Scholar
Jungheum Park
View author publications
You can also search for this author in PubMed Google Scholar
Changhoon Lee
View author publications
You can also search for this author in PubMed Google Scholar
Sangjin Lee
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jong-Hyun Choi .

Editor information

Editors and Affiliations

SeoulTech, Computer Science and Engineering, Seoul University Science & Technology, Gongreung 2-dong 172, Seoul, 139-743, Korea, Republic of (South Korea)
Jong Hyuk (James) Park
, Division of e-Business, Kyungnam University, Changwon, Korea, Republic of (South Korea)
Jongsung Kim
, Department of Information Security, Huazhong University of Science and Techn, Luoyu Road 1037, Wuhan, 430074, China, People's Republic
Deqing Zou
, Division of Computer Engineering, Mokwon University, 800 Doan-dong, Seo-gu, Daejeon, 302-729, Korea, Republic of (South Korea)
Yang Sun Lee

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Choi, JH., Lee, Kg., Park, J., Lee, C., Lee, S. (2012). Analysis Framework to Detect Artifacts of Portable Web Browser. In: Park, J., Kim, J., Zou, D., Lee, Y. (eds) Information Technology Convergence, Secure and Trust Computing, and Data Management. Lecture Notes in Electrical Engineering, vol 180. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-5083-8_26

Download citation

DOI: https://doi.org/10.1007/978-94-007-5083-8_26
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-5082-1
Online ISBN: 978-94-007-5083-8
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics