文章發表 - TANET
研討會名稱:TANET2021
研討會時間:2021年12月10日~12月12日
發表文章題目:從數位鑑識角度探討瀏覽器與網路電商在無痕模式應用
摘要
無痕模式,是網路時代的一大里程碑,他獨特的功能讓人為之一亮,讓許多人可以不須提心吊膽的使用公共電腦,能安心登入帳號密碼,儘管忘記登出,無痕模式也不會在該裝置中記住在模式下的所有操作,包含了登入時會產生的Cookie、個人帳號的資訊等等。
但由於無痕模式的出現,追查無痕時的操作有一定的困難度,使得許多人會透過無痕模式進行網路犯罪,由於無痕模式獨有的功能,在鑑識方面顯得更加困難,因此本文是要探討在無痕模式下,是否仍會造成資料外洩,以及如何在使用無痕模式後,利用FTK Imager與WinHex鑑識工具,使用數位鑑識方法找到當時在電腦內留下的資料證據,進而追查出犯罪手法。
關鍵字:FTK Imager、WinHex、瀏覽器無痕模式、數位鑑識。
Abstract
The incognito mode is
a major milestone in the Internet era. Its unique features make people shine,
allowing many people to use public computers without worry, and can log in to their
account and password with peace of mind. Even if they forget to log out, the
incognito mode is also All operations in the mode will not be remembered in the
device, including cookies generated when logging in, personal account
information, etc. However, due to the emergence of the incognito mode, it is
difficult to track down the operations in the incognito mode. Many people will
use the incognito mode to commit cybercrimes. Due to the unique functions of
the incognito mode, it is more difficult to identify. This article is to
explore whether in the incognito mode, data leakage will still occur, and how
to use FTK Imager and WinHex forensic tools to use digital forensic methods to
find the data evidence left in the computer at that time after using the
incognito mode. And then track down criminal methods.
Keywords:FTK Imager、WinHex、Browsers in incognito mode、Digital Forensics。
