Tracing VNC And RDP Protocol Artefacts on Windows Mobile and Windows Smartphone for Forensic Purpose

Publication Year:
2010
Usage 1870
Downloads 1722
Abstract Views 148
Repository URL:
http://ro.ecu.edu.au/icr/7
Author(s):
Kerai, Paresh
Publisher(s):
School of Computer and Information Science, Security Research Centre, Edith Cowan University, Perth, Western Australia
Tags:
[RSTDPub]; VNC; RDP; RBF protocol; forensic; artefacts; registry files and log files; Windows Mobile smart phones and mobile PC; Information Security
conference paper description
Remote access is the means of acquiring access to a computer or network remotely or from distance. It is typically achieved through the internet which connects people, corporate offices and telecommuters to the internal network of organizations or individuals. In recent years there has been a greater adoption of remote desktop applications that help administrators to configure and repair computers remotely over the network. However, this technology has also benefited cyber criminals. For example they can connect to computers remotely and perform illegal activity over the network. This research will focus on Windows mobile phones and the Paraben forensics software will be used to analyse the phones. The analysis will focus on any related Virtual Network Computing (VNC) and Remote Desktop protocol (RDP) artefacts left behind by the remote connection.