Fireguard - A Secure Browser with Reduced Forensic Footprint

Document Type

Conference Proceeding

Faculty

Faculty of Health, Engineering and Science

School

School of Computer and Security Science

Comments

Griffiths, D. & James, P. (2010). Fireguard – A Secure Browser with Reduced Forensic Footprint. Paper presented at the Proceedings of the 8th Australian Digital Forensics Conference, Edith Cowan University, Perth Western Australia, November 30th 2010. Available here.

Abstract

Fireguard is a secure portable browser designed to reduce both data leakage from browser data remnants and cyber attacks from malicious code exploiting vulnerabilites in browser plug-ins, extensions and software updates. A browser can leave data remnants on a host PC hard disk drive, often unbeknown to a user, in the form of cookies, histories, saved passwords, cached web pages and downloaded objects. Forensic analysis, using freely available computer forensic tools, may reveal sensitive and confidential information. A browser’s capability to increase its features through plug-ins and extensions and perform patch management or upgrade to a new release via a software update provides an opportunity for an attacker to embed malicious software and subsequently launch a cyber attack. Fireguard has been implemented using both Mozilla Firefox and the storage and protection capabilities of the Mini-SDV, a secure Portable Execution and Storage Environment (PESE). In this paper the design and development of Fireguard is discussed. The requirement for a secure PESE and the functionality of the Mini-SDV is presented. An overview is given of the motivation for the development of Fireguard. The reasons Firefox was selected and the Firefox structure and security vulnerabilities are summarised. The implementation approach adopted is discussed and the results of an analysis of the Firefox implementation are presented. The Mini-SDV configuration for Fireguard and an outline of the concept of operation is given. The changes made to Firefox to implement Fireguard as a browser that reduces the opportunity for data leakage and cyber attack, and minimises its forensic footprint are discussed. The paper concludes by considering the strengths and limitations of the Fireguard implementation.

DOI

10.4225/75/57b2950a40cdc

Access Rights

Free_to_read

Share

 
COinS
 

Link to publisher version (DOI)

10.4225/75/57b2950a40cdc