Title :
Analyzing and searching process of internet username and password stored in Random Access Memory (RAM)
Author :
Thongjul, Sasithorn ; Tritilanunt, Suratose
Author_Institution :
Dept. of Comput. Eng., Mahidol Univ., Nakhon Pathom, Thailand
Abstract :
This paper develops a technique to gather and analyze username and password stored in a physical memory or RAM (Random Access Memory). A live memory forensic investigator is able to use this work in order to find the pattern as the “Searching Criteria” for extending the search to other artifacts. The proposed technique uses a quick search algorithm to find the data in the physical memory. By using a proposed technique to harvest username and password from some popular websites, the experiment has been tested by browsing to social network, webmail, internet banking, and some business online shopping websites. Form the artifacts recovered from the physical memory, we find many useful evidences of username and password that are stored in a plaintext format. Finally, these recover evidences can be linked to other artifact.
Keywords :
Web sites; authorisation; digital forensics; random-access storage; Internet banking; Internet password analysis process; Internet password search process; Internet user name analysis process; Internet user name search process; RAM; Web browsing; Web mail; business online shopping Web sites; physical memory; plaintext format; quick-search algorithm; random access memory; searching criteria; social network; Algorithm design and analysis; Computers; Electronic mail; Encryption; Forensics; Internet; Random access memory; Random Access Memory; live memory forensic; security of physical memory; volatile data;
Conference_Titel :
Computer Science and Software Engineering (JCSSE), 2015 12th International Joint Conference on
Conference_Location :
Songkhla
DOI :
10.1109/JCSSE.2015.7219806
