Forensic memory dump analysis and recovery of the artefacts of using TOR bundle browser - the need
Edith Cowan University
Faculty of Health, Engineering and Science
School of Computer and Security Science
The Onion Routing (TOR) project is a network of virtual tunnels that facilitates secure, private communications on the internet. A recent article published in "The Registry" claims that TOR bundle browser usage has increased in recent years; statistics show that in January 2012 there were approximately 950,000 users globally, and that by August 2013 the figure is estimated to have reached 1,200,000 users. The report also illustrates that the United States of America and the United Kingdom are major contributors to the massive increase in TOR usage. Similarly, other countries such as India and Brazil have increased usage to 32,000 and 85,000 respectively. This research paper is an introduction that identifies the need for research in this area and provides a literature review of existing research. The objective of this paper is to discuss the existing methodologies for analysing forensic artefacts in RAM left by use of the TOR browser bundle, and to propose a synthesized forensic analysis framework that can be used for analysing TOR artefacts.