Zainurrasyid Abdullah

Abstracts

2 Digital Forensics Analysis Focusing on the Onion Router Browser Artifacts in Windows 10

Authors: Zainurrasyid Abdullah, Mohamed Fadzlee Sulaiman, Muhammad Fadzlan Zainal, M. Zabri Adil Talib, Aswami Fadillah M. Ariffin

Abstract:

The Onion Router (Tor) browser is a well-known tool and widely used by people who seeking for web anonymity when browsing the internet. Criminals are taking this advantage to be anonymous over the internet. Accessing the dark web could be the significant reason for the criminal in order for them to perform illegal activities while maintaining their anonymity. For a digital forensic analyst, it is crucial to extract the trail of evidence in proving that the criminal’s computer has used Tor browser to conduct such illegal activities. By applying the digital forensic methodology, several techniques could be performed including application analysis, memory analysis, and registry analysis. Since Windows 10 is the latest operating system released by Microsoft Corporation, this study will use Windows 10 as the operating system platform that running Tor browser. From the analysis, significant artifacts left by Tor browser were discovered such as the execution date, application installation date and browsing history that can be used as an evidence. Although Tor browser was designed to achieved anonymity, there is still some trail of evidence can be found in Windows 10 platform that can be useful for investigation.

Keywords: Digital Forensics, Forensic Analysis, artifacts analysis, memory analysis, registry analysis, tor browser, Windows 10

Procedia PDF Downloads 26
1 Anomaly Detection of Log Analysis using Data Visualization Techniques for Digital Forensics Audit and Investigation

Authors: Mohamed Fadzlee Sulaiman, Zainurrasyid Abdullah, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

In common digital forensics cases, investigation may rely on the analysis conducted on specific and relevant exhibits involved. Usually the investigation officer may define and advise digital forensic analyst about the goals and objectives to be achieved in reconstructing the trail of evidence while maintaining the specific scope of investigation. With the technology growth, people are starting to realize the importance of cyber security to their organization and this new perspective creates awareness that digital forensics auditing must come in place in order to measure possible threat or attack to their cyber-infrastructure. Instead of performing investigation on incident basis, auditing may broaden the scope of investigation to the level of anomaly detection in daily operation of organization’s cyber space. While handling a huge amount of data such as log files, performing digital forensics audit for large organization proven to be onerous task for the analyst either to analyze the huge files or to translate the findings in a way where the stakeholder can clearly understand. Data visualization can be emphasized in conducting digital forensic audit and investigation to resolve both needs. This study will identify the important factors that should be considered to perform data visualization techniques in order to detect anomaly that meet the digital forensic audit and investigation objectives.

Keywords: Data Visualization, Digital Forensic, Visualization Techniques, Anomaly Detection, log analysis, forensic audit

Procedia PDF Downloads 149