Forensic memory dump analysis and recovery of the artefacts of using TOR bundle browser – The need
Document Type
Conference Proceeding
Publisher
Edith Cowan University
Faculty
Faculty of Health, Engineering and Science
School
School of Computer and Security Science
RAS ID
19190
Abstract
The Onion Routing (TOR) project is a network of virtual tunnels that facilitates secure, private communications on the internet. A recent article published in "The Registry" claims that TOR bundle browser usage has increased in recent years; statistics show that in January 2012 there were approximately 950,000 users globally, and that in August 2013 the figure is estimated to have reached 1,200,000 users. The report also illustrates that the United States of America and the United Kingdom are major contributors to the massive increase in TOR usage. Similarly, other countries like India and Brazil have increased usage to 32,000 and 85,000 respectively. This research paper serves as an introduction: it identifies the need for research in this area and provides a literature review of existing research. The objective of this paper is to discuss the existing methodologies for analysing forensic artefacts in RAM arising from the use of the TOR browser bundle and to propose a synthesized forensic analysis framework that can be used for analysing TOR artefacts.
DOI
10.4225/75/57b3c7f3fb86e
Access Rights
free_to_read
Comments
Dayalamurthy D. (2014). Forensic memory dump analysis and recovery of the artefacts of using tor bundle browser-the need. Proceedings of the 11th Australian Digital Forensics Conference, ADF 2013. (pp. 71-83). Edith Cowan University.