So by using memory dump tools to

So that we can understand the issues of the research question, an academic understanding of the present solutions and methods need to be investigated.  The Onion RouterThe Onion Router (TOR) was originally developed for the United States Navy to help keep security and privacy of important government documents. TOR is now used worldwide by millions including members of the military and the general public. The main goal of TOR is to be anonymous, this can be utilised in many ways, from whistle blowers wanting to keep their identities secret to Non-governmental organizations that make workers use TOR to allow them to connect to their home website while they’re in a foreign country, without alerting others around them that they’re working with that organization. (TOR Project Inc., 2017)Gehl (2016) explains the “Power/freedom” side of The Onion Router, taking into account the reputation Dark Web has in terms of activities both legal and illegal including indecent videos and pictures of children and drugs selling. Watson (2012) reviewed the legality of TOR and the benefits it provides.TOR is known for being safe and secure for people to use, ensuring anonymity. But Dayalamurthy (2013) disproved this perception by using memory dump tools to retrieve artifacts from The Onion Router browser. One major case that also disproves the perception that TOR makes you completely anonymous with no chance of getting caught, is the Silk Road 2.0 takedown in 2014. The Silk Road 2.0 was a market that allowed people to purchase and sell drugs, indecent images and firearms. The FBI has not revealed the technique they used to take this market down but they have given credit to digital forensics and the work of the undercover police. (Hill, 2014) Artefacts from OSReferring to a research article by A.Sandvik (2013), the researcher presented the forensic analysis and recorded the artefacts the TOR browser bundle left in a Windows machine. They also examined and documented the directory path of the TOR bundle browser artefacts. From the article the directories found were:Thumbnail cache memoryC:WindowsPrefetchWindows RegistryWindows Paging FileAndrew Case another researcher carried out a similar experiment, the researcher discussed a number of forensic techniques for retrieving artefacts from The Amnesic Incognito Live System (TAILS) (Case, n.d.). TAILS is a live OS that is Linux based, it is bootable via DVD or USB. All traffic on this system is sent through the TOR network. In this article, Case also wrote a little on using memory dumps to recover data.    Artefacts from Network trafficTor encrypts all network traffic that is sent through the TOR entry node, middle-man, and exit nodes.TOR does this by adding multi-layer encryption every time it goes through a middle-man node.


I'm Dana!

Would you like to get a custom essay? How about receiving a customized one?

Check it out