Field Of Invention
[0001] The present work was undertaken to conduct a novelty search on "Developing an Effective
Browser Forensics Approach Through Unique ID Based Authentication using Blockchain Data Structure".
More specifically it relates to a unique, low-cost, efficient, highly accurate technology which is used as a
tool for Browser Forensics as well as monitoring.
Background Of The Invention
[0002] Due to the rising number of Cyber Crimes, control of crimes is something of utmost importance
in the present day. These crimes are rapidly growing in number day by day. So a strong mechanism is
needed to control activity of cybercrimes.
[0003] The number of cases of affected people are increasing since previous years. If we go for the
data analysis of drawdown caused by the cybercrimes, we will notice, that the crime rate is continuously
increasing.
[0004] Though there are many tools available for browser forensics which are based on the log file
analysis of the browser, but these tools are targeted to a specific web browser or a specific log file from a
certain web browser.
[0005] Secondly existing research and tools remain at the level of simple parsing. In web browser
forensics investigation, it is necessary to extract more significant information related to digital forensics,
such as search word and user activity, user location etc.
Objectives Of The Invention
[0006] It is an object of the invention to prepare a 100% unique and innovative product.
[0007] It is an object of the invention to provide a low cost and unique browser forensics approach
based on Blockchain Data structure that is easily deployable and traceable in nature as well as Highly
secured.
[0008] It is an object of the invention to develop a Browser Forensics approach that have no extra
payload to existing infrastructure where it is used.
[0009] It is an object of the invention to provide low cost yet effective Browser Forensics solution that
can be used effectively by the web servers without providing any extra efforts.
[00010] It is an object of the invention to provide low cost yet effective Browser Forensics solution that
is better than the existing available Browser Forensics solution.
[00011] It is an object of the invention to provide low cost yet effective Browser Forensics solution that
employs locally available information as components, instead of high price servers or tools.
0
Summary Of The Invention
[00012] This Present Invention discloses a Browser Forensics approach which is an important concepts
regarding Activity Monitoring, User identification, Location identification etc. There are several tools
available in the market which helps in Browser forensics through browser log analysis or by using DAT file
of the browser. But this research presents a simple and efficient approach for Browser forensics through
ID based authentication and tracking using Blockchain Data Structure. This approach is quite effective
because there is no any Hardware involved and can be implemented in an existing client-server
infrastructure in a very efficient manner. This research also demonstrate the Browser Table Structure
based on Blockchain Data Structure and caching Features that will help in Browser speed enhancement
as well as user and browser authentication.
Brief Description Of Drawings
[00013] Blockchain of Browser Information
[00014] HTTPS Request sent through CURL
[00015] Browser ID Allocation Scheme
Detailed Description Of The Invention
[00016] we have created a low cost and unique browser forensics approach that is easily deployable
and traceable in nature.
[00017] For Tracking Down the actual source of the incident, we deploy Blockchain data structure as
well as intermediate server which will be helpful to track down Browser ID monitoring.
[00018] we realized that the existing approaches for browser forensics are targeted to a specific web
> browser or a specific log file from a certain web browser. .
[00019] The existing tools remain at the level of simple parsing, thus it is necessary to extract more
significant information related to digital forensics such as search word and user activity.
[00020] Now we want to authenticate the user through browser id A browser Id is a unique concept
which will help us to determine the user location as well as validate the client request. These Browser id
will be bind to the MAC Address and MAC Address is bind to the Session ID i.e. all these three
components are inter-linked and inter-related with each other.
[00021] whenever Session ID and MAC ID is changed, the bowser id will get changed the complete
working of our approach is described below:
1) A Browser ID is assumed to be consisting of four parts which are as follows:
a) Window Version (window 7,8,10 etc.)
b) Country Code (IN for India)
c) Postal Code (201301 for Noida)
d) Latitude and Longitude.
e) Region Name.
f) State Name. -.
2) In our approach, the browser license agreement will contains the conditions for binding session id
and system MAC ID with Browser ID.
3) The additional parameter will be detached while reaching to the web client and that parameter will
be passed to the intermediate server.
4) The intermediate server will authenticate the request and determine whether this request comes
from the authentic source or not?
5) If it is authentic, it will generate desired output as needed by the user.
6) The whole activity done by the browser will be monitored and accessed at any time.
[00022] A Browser id is generated by appending CURL request with every request sent by the client
is follows:
— • T M M W I M m m i l H I I H W I H W i i l l ^ ^ B ^ M ^ ^ — ^ ^ i — ^ ^ B ^ M I ^ ^ B ^ — l ^ ^ f 1 • mill— I— • I • W I I B I •
In Blockchain the data is stored in the form of Merkle tree which is a simplest type of Tree type Binary data
structure
[00023] A Merkle tree is a way of hashing a larger chunk of data into a single hash. It is a tree structure
in which each leaf node is a hash of a block of data, and each non-leaf node is a hash of its children.
Merkle tree are used in distributed system for effective data verification. They are efficient because they
uses hashes instead of full files. Merkle trees are typically implemented as binary trees, as shown in the
following image. However, a Merkle tree can be created as an n-nary tree, with n children per node.In this image, we see an input of data broken up into blocks labeled L1 through L4. Each of these blocks
are hashed using some hash function. Then each pair of nodes are recursively hashed until we reach the
root node, which is a hash of all nodes below it. In this image, we see an input of data broken up into
blocks labeled L1 through L4. Each of these blocks are hashed using some hash function. Then each pair
of nodes are recursively hashed until we reach the root node, which is a hash of all nodes below it.
[00024] Intermediate Server will track down all the requests that are passing through the browser. The
additional parameter will be detached while sending request to the actual server. The format of GET
Request is as follows:The working of the approach is described below and various scenarios are proposed in order to obtain
the Browser ID. Here we are using different cases and the allotment of Browser ID.
Case 1: Session Changed, MAC Changed
In this ca*se, if a user changed his session as well as change his MAC address by switching from Ethernet
to Wi-Fi, In that case a new Browser ID will be allotted to the user. The Browser ID will be bind to every
request sent by the user during that particular session.
Case 2: Session Changed, MAC Not Changed
In this case, if a user changed his session by closing the browser but doesn't switch its internet
connection i.e. not switched from Ethernet to Wi-Fi or one Ethernet to another Ethernet, In that case a
previous Browser ID .which is associated with that MAC address will be allotted to the user. The Browser
ID will be bind to every request sent by the user during that particular session which will be linked with
previoussession information also.
IPO DELHI 06-O4-2G18 17-03
h

claims.
An autonomous transacting device comprising of:
(i) Any System with internet connectivity.
(ii) a cryptographic storage medium having cryptographic code written in Python , that when
executed by the processor performs: identifying a requests to the server involving an
exchange of a Browser ID: requesting a server of the blockchain comprising a merkle tree
path;
(iii) verifying a Browser ID key using simplified content verification algorithm; bundling the
Browser ID together with mapped criteria to form a chain.
(iv) Request validation using Browser ID will be done with mapping with either MAC ID or
Session ID
2) A method, for User identification and tracking which will work on all devices having HTTP/HTTPS
communication enabled.
3) A computer-implemented system for maintaining request records, the system comprising: a
plurality of nodes/systems, each node/system including at Browser ID which is mapped with the
system MAC ID; at least one processor configured to generate a request record comprising a set
of devices, each device of the set of devices having a unique Browser ID.
4) A Blockchain implemented data structure for storing BrowserlD associated with each devices
indicative of a condition on use of, or access to, the resource, the Blockchain comprising a Merkle
tree structure which associate each new Browser ID with the previous one.
5) A method according to claim 4 wherein the step of providing the second subset of the plurality of
signatures to the Blockchain transaction further comprises: selecting the message from a plurality
of partially signed, multi-signature messages.
6) A method according to Claim 4 or 5, wherein the condition on the use of the resource is the use
of a discrete amount of the resource and the second subset of the plurality of signatures is
provided responsive to the discrete amount of the resource being used.