To maintain privacy of the end consumers the browser vendors

provide a very good feature on the browser called the "Private Mode". As

per the browser vendors, the Private Mode ensures Cookies, Temporary

Internet Files, Webpage history, Form data and passwords, Anti-phishing

cache, Address bar and search AutoComplete, Automatic Crash Restore

(ACR) and Document Object Model (DOM) storage information is not

stored on the system [45].

To put to test the browser vendors claim, I had setup a test to confirm the

claims. During the first test the file system was monitored for all reads

and writes. On the second test the image of the RAM was taken after the

browser was used in private mode. The image was analyzed to check if the

RAM contained any data related to the user browsing. The browsers chosen

to perform this test were: Internet Explorer, Firefox, Google Chrome and


During the file system monitoring analysis for the browsers in private mode

it was found that Google Chrome and Firefox didn't write any data on the

file system. Safari wrote data on just a single file called "WebpageIcons.db".

Internet Explorer wrote browsing data on the file system and then deleted

it. This data can be recovered using any recovery tool such as Recuva.

During the memory dump based analysis for the browsers in private mode,

it was found that browser data was recoverable for all the browsers.

Therefore from data privacy perspective Google Chrome and Firefox are

safer to use than Safari and Internet Explorer.

Library of Congress Subject Headings

Browsers (Computer programs)--Security measures; Computer networks--Security measures; Data encryption (Computer science)

Publication Date


Document Type


Student Type


Department, Program, or Center

Department of Computing Security (GCCIS)


Yin Pan

Advisor/Committee Member

Bo Yuan

Advisor/Committee Member

Bill Stackpole


Physical copy available from RIT's Wallace Library at TK5105.882 .N66 2014


RIT – Main Campus

Plan Codes