We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
Analyzing Tor Browser Artifacts for Enhanced Web Forensics, Anonymity, Cybersecurity, and Privacy in Windows-Based Systems.
- Authors
Javed, Muhammad Shanawar; Sajjad, Syed Muhammad; Mehmood, Danish; Mansoor, Khawaja; Iqbal, Zafar; Kazim, Muhammad; Muhammad, Zia
- Abstract
The Tor browser is widely used for anonymity, providing layered encryption for enhanced privacy. Besides its positive uses, it is also popular among cybercriminals for illegal activities such as trafficking, smuggling, betting, and illicit trade. There is a need for Tor Browser forensics to identify its use in unlawful activities and explore its consequences. This research analyzes artifacts generated by Tor on Windows-based systems. The methodology integrates forensic techniques into incident responses per NIST SP (800-86), exploring areas such as registry, storage, network, and memory using tools like bulk-extractor, autopsy, and regshot. We propose an automated PowerShell script that detects Tor usage and retrieves artifacts with minimal user interaction. Finally, this research performs timeline analysis and artifact correlation for a contextual understanding of event sequences in memory and network domains, ultimately contributing to improved incident response and accountability.
- Subjects
NETWORK operating system; DIGITAL forensics; ARCHAEOLOGY methodology; ANONYMITY; SMUGGLING
- Publication
Information (2078-2489), 2024, Vol 15, Issue 8, p495
- ISSN
2078-2489
- Publication type
Article
- DOI
10.3390/info15080495