| 基于网络动态取证系统的设计与实现 |
| |
| 引用本文: | 于志宏,刘喆,赵阔,努尔布力,史光坤,胡亮. 基于网络动态取证系统的设计与实现[J]. 吉林大学学报(理学版), 2008, 46(4): 716-720 |
| |
| 作者姓名: | 于志宏 刘喆 赵阔 努尔布力 史光坤 胡亮 |
| |
| 作者单位: | 吉林大学,计算机科学与技术学院,长春,130012;吉林省经济管理干部学院,长春,130012 |
| |
| 基金项目: | 国家自然科学基金 , 教育部新世纪优秀人才支持计划项目基金 |
| |
| 摘 要: | 提出并实现一个基于网络的动态计算机取证系统. 该系统不同于传统的取证工具, 它将取证工作提前至犯罪行为发生前与进行中, 避免了由于取证不及时而导致的证据链缺失, 有效地提高了取证工作的效率, 增强了数据证据的完整性和时效性.
|
| 关 键 词: | 计算机取证 电子证据 日志 协议分析 |
| 收稿时间: | 2008-01-24 |
Design and Implementation of Dynamic Computer Forensics System Based on Network |
| |
| YU Zhi-hong,LIU Zhe,ZHAO Kuo,Nuerbuli,SHI Guang-kun,HU Liang. Design and Implementation of Dynamic Computer Forensics System Based on Network[J]. Journal of Jilin University: Sci Ed, 2008, 46(4): 716-720 |
| |
| Authors: | YU Zhi-hong LIU Zhe ZHAO Kuo Nuerbuli SHI Guang-kun HU Liang |
| |
| Affiliation: | 1. College of Computer Science and Technology, Jilin University, Changchun 130012, China;2. Jilin Province Economics and Management Cadres College, Changchun 130012, China |
| |
| Abstract: | In order to solve the problems existed in static forensics technology, this paper presents the design and implementation of a dynamic computer forensics system based on network. Compared with the traditional tools of the system, it performs the work of gathering evidence in advance before criminal action has occurred or in the process of crime so as to avoid the evidence chain lost caused by evidence not scout timely. It can improve the efficiency of the work of gathering evidence; enhance data integrity and timeliness of evidence. This paper describes the architecture, function and work flow, and the implementation of main functions of the core module technology. |
| |
| Keywords: | computer forensics electronic evidence log protocol analysis |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《吉林大学学报(理学版)》浏览原始摘要信息 |
|
点击此处可从《吉林大学学报(理学版)》下载全文 |
|
