Abstract
Abstract
Computer applications often leave traces or residues that enable forensic examiners to gain a detailed understanding of the actions a user performed on a computer. Such digital breadcrumbs are left by a large variety of applications, potentially (and indeed likely) unbeknownst to their users. This paper presents the concept of residue-free computing in which a user can operate any existing application installed on their computer in a mode that prevents trace data from being recorded to disk, thus frustrating the forensic process and enabling more privacy-preserving computing. In essence, residue-free computing provides an “incognito mode” for any application. We introduce our implementation of residue-free computing, ResidueFree, and motivate ResidueFree by inventorying the potentially sensitive and privacy-invasive residue left by popular applications. We demonstrate that ResidueFree allows users to operate these applications without leaving trace data, while incurring modest performance overheads.
Reference28 articles.
1. [1] TrueCrypt. http://truecrypt.sourceforge.net/.
2. [2] Tails Portable Operating System. https://tails.boum.org/, 2020.
3. [3] Pietro Albano, Aniello Castiglione, Giuseppe Cattaneo, and Alfredo De Santis. A Novel Anti-forensics Technique for the Android OS. In International Conference on Broadband and Wireless Computing, Communication and Applications, 2011.
4. [4] Ross Anderson, Roger Needham, and Adi Shamir. The Steganographic File System. In International Workshop on Information Hiding, 1998.
5. [5] Adam Bates, Dave Jing Tian, Kevin RB Butler, and Thomas Moyer. Trustworthy Whole-system Provenance for the Linux Kernel. In USENIX Security Symposium (Security), 2015.
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Deletion-Compliance in the Absence of Privacy;2021 18th International Conference on Privacy, Security and Trust (PST);2021-12-13