Papers
- Web History Visualisation For Forensic Investigations [published paper]
- Web History Visualisation For Forensic Investigations [thesis]
- The Effect of File and Disk Encryption on Computer Forensics
- The Criminology of Computer Crime
- Central Issues in Network Management
- Virtual Machines for the Intel 386 Architecture
Projects
Articles with the tag: web history
Internet proxy log analysis preprocessing
Sat, 28 May 2011 01:01PM
Proxy logs need a bit of work done to them before you can start analysing the content. This is of course assuming you don't have a fancy product to do all this work for you ;). First, you need to work out the regular expression that defines a line in the proxy log to parse it into a nicer format such as CSV. A lot of the CSV columns can probably be removed; the most useful columns are URL, date & time, user agent string (to work out what browser the user was using for example) and request status code (to work out if the user was able to access the content or if it was blocked, unavailable etc).
How Internet Explorer stores web history
Tue, 15 Jun 2010 04:52PM
Internet Explorer stores files downloaded from the internet in a cache called Temporary Internet Files (e.g. html pages, images, CSS files). Each cached file is assigned an alphanumeric cache name. Some index.dat files serve to map the cached name with the filename and URL it came from. Other index.dat files store the user’s cookies or web browser history (by default 20 days’ worth). index.dat files are in binary format, and need to be viewed using a hex editor.
How Opera stores web history
Mon, 14 Jun 2010 03:12PM
Out of all the popular browsers, Opera leaves behind the least amount of useful information for investigators. Not only is the data stored in plain text format, but it does not record every URL visited, only the latest one. Therefore it is impossible to tell how often someone has visited a particular website. Even when viewing web history from within the browser only the latest entries are shown, giving a false impression of the actual history. For example if someone went to exactly the same websites two days in a row, the first day would have no history associated with it, since each entry would be overridden by the latest visit.
How Safari stores web history
Fri, 11 Jun 2010 11:41AM
Safari has a very simple method of storing browser history compared to those that use SQLite databases.
How Google Chrome stores web history
Thu, 10 Jun 2010 03:45PM
In 2008 Google released most of Chrome’s source code as a project called Chromium under a BSD license. Chromium is essentially the same browser as Chrome, but lacks built-in automatic updates and Google branding [Chromium Developer Website].
How Firefox stores web history
Wed, 09 Jun 2010 06:05PM
Firefox version 3 (first released in 2008) employs a different system of storing browser history than its predecessor Firefox 2. Since only 2.75% of Firefox users still use version 2 or smaller, only Firefox version 3 will be explored here and will hence just been known as Firefox.
Previous blog entries
Blog categories
- Forensics & science (8)
- HCI, art & design (14)
- Rabbits (7)
- Computers & programming (13)
- Miscellaneous (24)
- Recipes (5)
- Reviews (13)
- Digital Forensics (24)
- Trips & Visits (15)
Blog tags
Megalosaurus law privacy bacon readability steganography search terms crime iPod touch thumbs.db gardening abandoned buildings cables security New Scientist PNG python confirmation bias art gallery paintings Istanbul search symposium Woodilee IE coasters treats risotto Firebug criminology Sqlite doppelgangers Moroccan cuisine wrapping exams internet history cake cases web usability music Mweke Strathclyde ballistics tea chemistry England holiday Linkin Park reference management chicken play Demand Five OCFA rabbit nutrition shoes encryption unicode rabbit vision tags Christmas
