An exploration of artefacts of remote desktop applications on Windows

Document Type

Conference Proceeding

School

School of Science

RAS ID

24701

Comments

Kerai, P. L., & Vekariya, V. M. R. (2016). An exploration of artefacts of remote desktop applications on windows. In Valli, C. (Ed.). (2016). The Proceedings of 14th Australian Digital Forensics Conference, 5-6 December 2016, Edith Cowan University, Perth, Australia. (pp.42-49). Available here.

Abstract

Remote Desktop Applications (RDA) such as Virtual Network Computing (VNC), Cisco WebEx, GoToMeeting and LogMeIn have been adapted and utilised recently. This is because they facilitate tier-one support to configure computers, networks and solve application-related issues from a remote location. The direct benefit from the use of these applications, is the time (and therefore cost) saving for organisations. Unfortunately, “remoting” technology can also be used by criminals to perform illegal activities, hence remote applications are of key interest to law agencies and forensic investigators. The research outlined in this paper aims to identify any artefacts left behind by common remote applications and technologies used by many firms. These artefacts can be vital to government law enforcement agencies and forensic investigators, as they could be used as evidence in cyber-crime investigations. This research will focus on RealVNC, TightVNC, Cisco WebEx, GoToMeeting and LogMeIn applications. The findings from the research shows some artefacts left behind by the applications, which can be used by forensics investigators or law enforcement for possible evidence.

DOI

10.4225/75/58a54f83180cc

Access Rights

free_to_read

Share

 
COinS