Skip to main content
Conference ProceedingsOPEN ACCESS

Using search engines to acquire network forensic evidence

IFIP International Federation for Information Processing (2007) 242 247-253
DOI: 10.1007/978-0-387-73742-3_17
1Citations
Citations of this article
7Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Search engine APIs can be used very effectively to automate the surreptitious gathering of information about network assets. This paper describes GooSweep, a tool that uses the Google API to automate the search for references to individual IP addresses in a target network. GooSweep is a promising investigative tool. It can assist network forensic investigators in gathering information about individual computers such as referral logs, guest books, spam blacklists, and instructions for logging into servers. GooSweep also provides valuable intelligence about a suspect's Internet activities, including browsing habits and communications in web-based forums. © 2007 International Federation for Information Processing.

Author supplied keywords

Cite

CITATION STYLE

APA

McGrew, R., & Vaughn, R. (2007). Using search engines to acquire network forensic evidence. In IFIP International Federation for Information Processing (Vol. 242, pp. 247–253). https://doi.org/10.1007/978-0-387-73742-3_17

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free