Information Retrieval From Internet Applications For Digital Forensic
This addresses the challenge for digital forensic investigators in gathering accurate evidence from internet applications, though it is incremental as it applies existing methods to new data.
The paper tackled the problem of recovering digital evidence from a system's RAM to aid forensic investigations, finding that crucial user information like usernames and passwords was recoverable from recent browsing sessions across four applications and two browsers.
Advanced internet technologies providing services like e-mail, social networking, online banking, online shopping etc., have made day-to-day activities simple and convenient. Increasing dependency on the internet, convenience, and decreasing cost of electronic devices have resulted in frequent use of online services. However, increased indulgence over the internet has also accelerated the pace of digital crimes. The increase in number and complexity of digital crimes has caught the attention of forensic investigators. The Digital Investigators are faced with the challenge of gathering accurate digital evidence from as many sources as possible. In this paper, an attempt was made to recover digital evidence from a system's RAM in the form of information about the most recent browsing session of the user. Four different applications were chosen and the experiment was conducted across two browsers. It was found that crucial information about the target user such as, user name, passwords, etc., was recoverable.