
Traces of the Dark Web Entrance: Security and Tor Forensics

Ming Jung Chiu Huang, Shiuh Jeng WANG

Abstract


This paper first introduces the composition and operation of the onion router (Tor). It then applies several forensic tools in case-based experiments to show that extracting and analyzing memory can recover the web pages a suspect browsed with Tor browser, and thus reveal whether Tor browser was used to access illegal websites. As future work, analysis of network traffic and of registry changes will be used to determine the suspect's motives and purpose more precisely.

Keywords


the onion router; memory extraction; Tor browser; network traffic; registry

Citation Format:
Ming Jung Chiu Huang, Shiuh Jeng WANG, "暗網入口的軌跡:Security and Tor Forensics," Communications of the CCISA, vol. 24, no. 3, pp. 34-54, Jul. 2018.

Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com