Systematic Analysis of Browser History Evidence

Groß T, Dirauf R, Freiling F (2020)

Publication Language: English

Publication Type: Conference contribution, Conference Contribution

Publication year: 2020

Pages Range: 1-12

Conference Proceedings Title: 2020 13th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE)

Event location: New York US

DOI: 10.1109/SADFE51007.2020.00010

Abstract

Traces of browser usage are an important piece of digital evidence in many cases. In the literature, it is usually assumed that the entries in the browser history and the browser cache reliably indicate which URL was accessed and at which time this was done. Using the market leaders Google Chrome and Mozilla Firefox as examples, and comparing our results with older versions of Internet Explorer, we show that this exact correspondence between stored URL and real URL on the one side and the stored timestamp and the real time of the action is not always true. On the contrary, it is rather common that browsers record the timestamp of a user action several seconds after the action really happened. It can even happen that browsers sometimes record a different domain from the domain that was actually visited. The basis for our insights was a large scale experiment using an automatic deployment of virtual machines, resulting in a dataset of considerable size.

Authors with CRIS profile

Tobias Groß Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen) Richard Dirauf Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen) Felix Freiling Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)

Related research project(s)

Cyberkriminalität und forensische Informatik (Cybercrime) Oct. 1, 2019 - March 31, 2024

How to cite

APA:

Groß, T., Dirauf, R., & Freiling, F. (2020). Systematic Analysis of Browser History Evidence. In IEEE (Eds.), 2020 13th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE) (pp. 1-12). New York, US.

MLA:

Groß, Tobias, Richard Dirauf, and Felix Freiling. "Systematic Analysis of Browser History Evidence." Proceedings of the 13th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE), New York Ed. IEEE, 2020. 1-12.

BibTeX: Download