Browsers’ Private Mode: Is It What We Were Promised?
Web browsers are one of the most used applications on every computational device in our days. Hence, they play a pivotal role in any forensic investigation and help determine if nefarious or suspicious activity has occurred on that device. Our study investigates the usage of private mode and browsin...
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2021-12-01
|
| Series: | Computers |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2073-431X/10/12/165 |
| _version_ | 1797505734145998848 |
|---|---|
| author | Kris Hughes Pavlos Papadopoulos Nikolaos Pitropakis Adrian Smales Jawad Ahmad William J. Buchanan |
| author_facet | Kris Hughes Pavlos Papadopoulos Nikolaos Pitropakis Adrian Smales Jawad Ahmad William J. Buchanan |
| author_sort | Kris Hughes |
| collection | DOAJ |
| description | Web browsers are one of the most used applications on every computational device in our days. Hence, they play a pivotal role in any forensic investigation and help determine if nefarious or suspicious activity has occurred on that device. Our study investigates the usage of private mode and browsing artefacts within four prevalent web browsers and is focused on analyzing both hard disk and random access memory. Forensic analysis on the target device showed that using private mode matched each of the web browser vendors’ claims, such as that browsing activity, search history, cookies and temporary files that are not saved in the device’s hard disks. However, in volatile memory analysis, a majority of artefacts within the test cases were retrieved. Hence, a malicious actor performing a similar approach could potentially retrieve sensitive information left behind on the device without the user’s consent. |
| first_indexed | 2024-03-10T04:23:10Z |
| format | Article |
| id | doaj.art-b95c9575b5584d3c9fb9d992af9e0b08 |
| institution | Directory Open Access Journal |
| issn | 2073-431X |
| language | English |
| last_indexed | 2024-03-10T04:23:10Z |
| publishDate | 2021-12-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Computers |
| spelling | doaj.art-b95c9575b5584d3c9fb9d992af9e0b082023-11-23T07:46:43ZengMDPI AGComputers2073-431X2021-12-01101216510.3390/computers10120165Browsers’ Private Mode: Is It What We Were Promised?Kris Hughes0Pavlos Papadopoulos1Nikolaos Pitropakis2Adrian Smales3Jawad Ahmad4William J. Buchanan5Blockpass ID Lab, School of Computing, Edinburgh Napier University, Edinburgh EH10 5DT, UKBlockpass ID Lab, School of Computing, Edinburgh Napier University, Edinburgh EH10 5DT, UKBlockpass ID Lab, School of Computing, Edinburgh Napier University, Edinburgh EH10 5DT, UKBlockpass ID Lab, School of Computing, Edinburgh Napier University, Edinburgh EH10 5DT, UKBlockpass ID Lab, School of Computing, Edinburgh Napier University, Edinburgh EH10 5DT, UKBlockpass ID Lab, School of Computing, Edinburgh Napier University, Edinburgh EH10 5DT, UKWeb browsers are one of the most used applications on every computational device in our days. Hence, they play a pivotal role in any forensic investigation and help determine if nefarious or suspicious activity has occurred on that device. Our study investigates the usage of private mode and browsing artefacts within four prevalent web browsers and is focused on analyzing both hard disk and random access memory. Forensic analysis on the target device showed that using private mode matched each of the web browser vendors’ claims, such as that browsing activity, search history, cookies and temporary files that are not saved in the device’s hard disks. However, in volatile memory analysis, a majority of artefacts within the test cases were retrieved. Hence, a malicious actor performing a similar approach could potentially retrieve sensitive information left behind on the device without the user’s consent.https://www.mdpi.com/2073-431X/10/12/165digital forensic investigationweb browsersprivate modeartefacts |
| spellingShingle | Kris Hughes Pavlos Papadopoulos Nikolaos Pitropakis Adrian Smales Jawad Ahmad William J. Buchanan Browsers’ Private Mode: Is It What We Were Promised? Computers digital forensic investigation web browsers private mode artefacts |
| title | Browsers’ Private Mode: Is It What We Were Promised? |
| title_full | Browsers’ Private Mode: Is It What We Were Promised? |
| title_fullStr | Browsers’ Private Mode: Is It What We Were Promised? |
| title_full_unstemmed | Browsers’ Private Mode: Is It What We Were Promised? |
| title_short | Browsers’ Private Mode: Is It What We Were Promised? |
| title_sort | browsers private mode is it what we were promised |
| topic | digital forensic investigation web browsers private mode artefacts |
| url | https://www.mdpi.com/2073-431X/10/12/165 |
| work_keys_str_mv | AT krishughes browsersprivatemodeisitwhatwewerepromised AT pavlospapadopoulos browsersprivatemodeisitwhatwewerepromised AT nikolaospitropakis browsersprivatemodeisitwhatwewerepromised AT adriansmales browsersprivatemodeisitwhatwewerepromised AT jawadahmad browsersprivatemodeisitwhatwewerepromised AT williamjbuchanan browsersprivatemodeisitwhatwewerepromised |