UPM Institutional Repository

WBEC: A web browsers evidence collection toolkit for web browsers usage in Windows 10


Rayman, Dafiqah Mior and Asmawi, Aziah and Mohd Ariffin, Noor Afiza (2022) WBEC: A web browsers evidence collection toolkit for web browsers usage in Windows 10. International Journal of Technology Management and Information System, 4 (1). pp. 1-15. ISSN 2710-6268


Criminals can utilize the web browser to perform both traditional and cybercrime by looking for information to plan and execute their crimes. As a result, while performing a digital forensic investigation, collecting more forms of digital evidence from a web browser is critical. Although there are numerous online browser evidence gathering techniques accessible, the number of digital evidence types collected is still insufficient. Although there are 18 different categories of digital evidence, only 12 of them can be extracted using a single method. Furthermore, because the hashing algorithm employed in present technologies is MD5, the evidence gathered still lacks integrity. By developing proofs-of-concept, this study presented a WBEC: Web Browsers EvidenceCollection Toolkit for improving the gathering of digital evidence kinds. WBEC is a web browser forensics acquisition approach for Google Chrome and Mozilla Firefox, the two most popular web browsers in the Windows 10 environment. This research will also increase the reliability of the data gathered. The amount of data type evidence collections and security measures to secure the integrity of evidence collected are measured by evaluating available tools, developing a proof-of-concept toolkit, and comparingfunctioning tools. Web browsing history, keyword searches, cookies, cache, bookmarks, downloaded files, login id, password, email, and social media are all examples of evidence data types that can help with a digital forensic investigation. In addition, the SHA-1 hashing algorithm was used to improve the evidence's integrity. The proof-of-concept toolset found 16 different categories of evidence, accounting for 88.89 percent of all evidence found. In addition, the SHA-1 hashing method is more secure than MD5 since it takes longer to crack.

Download File

Full text not available from this repository.

Additional Metadata

Item Type: Article
Divisions: Faculty of Computer Science and Information Technology
Publisher: Academia Industry Networks
Keywords: Digital forensic; Web browser forensic; Evidence collection; Cryptography; Integrity; Windows 10; Cybercrime; MD5; SHA-1; Hashing algorithm; Credentials
Depositing User: Mr. Mohamad Syahrul Nizam Md Ishak
Date Deposited: 14 Feb 2024 04:08
Last Modified: 14 Feb 2024 04:08
URI: http://psasir.upm.edu.my/id/eprint/102617
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item