%0 Conference Proceedings
%T Reconstructing Interactions with Rich Internet Applications from HTTP Traces
%+ Gnowit
%+ University of Ottawa [Ottawa]
%+ Center for Advanced Studies [IBM CAS Canada]
%A Baghbanzadeh, Sara
%A Hooshmand, Salman
%A Bochmann, Gregor
%A Jourdan, Guy-Vincent
%A Mirtaheri, Seyed
%A Faheem, Muhammad
%A Onut, Iosif, Viorel
%Z Part 3: NETWORK FORENSICS
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B 12th IFIP International Conference on Digital Forensics (DF)
%C New Delhi, India
%Y Gilbert Peterson
%Y Sujeet Shenoi
%I Springer International Publishing
%3 Advances in Digital Forensics XII
%V AICT-484
%P 147-164
%8 2016-01-04
%D 2016
%R 10.1007/978-3-319-46279-0_8
%K Rich Internet Applications
%K User session reconstruction
%K HTTP logs
%Z Computer Science [cs]Conference papers
%X This chapter describes the design and implementation of ForenRIA, a forensic tool for performing automated and complete reconstructions of user sessions with rich Internet applications using only the HTTP logs. ForenRIA recovers all the application states rendered by the browser, reconstructs screenshots of the states and lists every action taken by the user, including recovering user inputs. Rich Internet applications are deployed widely, including on mobile systems. Recovering information from logs for these applications is significantly more challenging compared with classical web applications. This is because HTTP traffic predominantly contains application data with no obvious clues about what the user did to trigger the traffic. ForenRIA is the first forensic tool that specifically targets rich Internet applications. Experiments demonstrate that the tool can successfully handle relatively complex rich Internet applications.
%G English
%Z TC 11
%Z WG 11.9
%2 https://inria.hal.science/hal-01758682/document
%2 https://inria.hal.science/hal-01758682/file/431606_1_En_8_Chapter.pdf
%L hal-01758682
%U https://inria.hal.science/hal-01758682
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-DF
%~ IFIP-WG11-9
%~ IFIP-AICT-484