Mailinglist Archive

Web Browser Forensics, Part 1
by Keith J. Jones and Rohyt Belani
last updated March 30, 2005

Introduction
Electronic evidence has often shaped the outcome of high-profile civil 
law suits and criminal investigations ranging from theft of intellectual 
property and insider trading that violates SEC regulations to proving 
employee misconduct resulting in termination of employment under 
unfavorable circumstances. Critical electronic evidence is often found 
in the suspect's web browsing history in the form of received emails, 
sites visited and attempted Internet searches. This two-part article 
presents the techniques and tools commonly used by computer forensics 
experts to uncover such evidence, through a fictitious investigation 
that closely mimics real-world scenarios.

While you read this article, you may follow along with the investigation 
and actually analyze case data. To actively participate in the 
investigation, you need to download the associated Internet activity 
data from the SecurityFocus archives [data].

http://www.securityfocus.com/infocus/1827?ref=rss