Title

Traces at the Entrance to the Dark Web: Security and Tor Forensics

Parallel Title

Key-window of Evidence Investigations: Security and Tor Forensics

Authors

邱黃明蓉(Ming Jung Chiu Huang);王旭正(Shiuh Jeng WANG)

Keywords

onion routing ; memory extraction ; Tor browser ; network traffic ; Registry ; the onion router ; Tor browser ; network traffic ; registry

Journal

資訊安全通訊

Volume, Issue / Publication Date

Vol. 24, No. 3 (2018 / 07 / 01)

Pages

34 - 54

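Language

Traditional Chinese

Chinese Abstract

This paper describes the composition and operation of onion routing and, through a hands-on case study, uses forensic tools to carry out related experiments. These show that memory extraction and analysis can recover the web pages a suspect browsed with Tor browser, making it possible to check whether Tor browser was used to access illegal websites. Building on this, future analysis of network traffic and Registry changes can establish the suspect's motive and purpose more precisely.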

English Abstract

In this paper, we first introduce the composition and operation of the onion router (Tor). We then use several forensic tools in forensic experiments to investigate evidence through memory extraction and analysis. In this way, we can reveal pages browsed with Tor browser. With the proposed method, as observed in the empirical experiments, we can determine whether criminals accessed illegal pages to commit criminal acts. In our future plans, analyses of network traffic and of registry changes will be used to identify the motivation behind the criminal offense.

Subject Classification: Basic and Applied Sciences > Information Science