Tracing VNC And RDP Protocol Artefacts on Windows Mobile and Windows Smartphone for Forensic Purpose

Publication Year:
Usage 1845
Downloads 1700
Abstract Views 145
Repository URL:
Kerai, Paresh
School of Computer and Information Science, Security Research Centre, Edith Cowan University, Perth, Western Australia
[RSTDPub]; VNC; RDP; RBF protocol; forensic; artefacts; registry files and log files; Windows Mobile smart phones and mobile PC; Information Security
conference paper description
Remote access is the means of acquiring access to a computer or network remotely or from distance. It is typically achieved through the internet which connects people, corporate offices and telecommuters to the internal network of organizations or individuals. In recent years there has been a greater adoption of remote desktop applications that help administrators to configure and repair computers remotely over the network. However, this technology has also benefited cyber criminals. For example they can connect to computers remotely and perform illegal activity over the network. This research will focus on Windows mobile phones and the Paraben forensics software will be used to analyse the phones. The analysis will focus on any related Virtual Network Computing (VNC) and Remote Desktop protocol (RDP) artefacts left behind by the remote connection.