数字取证平台技术的研发

上海交通大学学报（自然版） ›› 2012, Vol. 46 ›› Issue (02): 276-279.

• 自动化技术、计算机技术 • 上一篇下一篇

数字取证平台技术的研发

杨中皇

(高雄师范大学教育学院，台湾高雄 802)

收稿日期:2011-10-16 出版日期:2012-02-28 发布日期:2012-02-28

Research and Development of Digital Forensics Platforms

YANG Zhong-Huang

(School of Education, Kaohsiung Normal University, Taiwan Kaohsiung 802)

Received:2011-10-16 Online:2012-02-28 Published:2012-02-28

摘要/Abstract

摘要： 面对高科技的犯罪案件，取证人员已无法采用传统的方式采集完整的数字证据，须藉由取证工具的辅助以收集与分析数字证据，用科学的方法产生取证报告. 文中探讨计算机取证与手机取证的技术与工具，并自行设计与开发相关的取证雏型系统. 已开发完成的取证系统可以收集Windows/Linux计算机与Android手机数字证据，进行系统分析，且可尝试还原删除的信息并找出与案件相关的犯罪证据.

关键词: 数字取证, 计算机取证, 手机取证, 计算机犯罪, 网络犯罪

Abstract: Number of cyber crime increases dramatically these days and there are rapid progress on computer and smartphone systems, therefore, forensic investigators have been facing the difficulty of admissibility of digital evidence. To solve this problem, this paper
developed forensic techniques and tools to collect digital evidence for computer systems and Android mobile devices.
Forensics were carried out on both Windows and Linux systems to ensure judicial review of the evidence on the effectiveness of digital evidence with credibility.

Key words: digital forensics, computer forensics, mobile phone forensics, computer crimes, cyber crimes

中图分类号:

TP 309

杨中皇. 数字取证平台技术的研发[J]. 上海交通大学学报（自然版）, 2012, 46(02): 276-279.

YANG Zhong-Huang. Research and Development of Digital Forensics Platforms[J]. Journal of Shanghai Jiaotong University, 2012, 46(02): 276-279.

参考文献

［1］Bates J. Fundamentals of computer forensics ［J］. Information Security Technical Report, 1998, 3(4):7578.
［2］Casey E. Handbook of digital forensics and investigation ［M］. Burlington, Mass. USA: Academic Press, 2010.
［3］ISO/IEC 27037, Guidelines for identification, collection, acquisition and preservation of digital evidence (DIS) ［S］.
［4］Volonino L, Anzaldua R, Godwin J, et al. Computer forensics: Principles and practice ［M］. Upper Saddle River, New Jersey, USA: Prentice Hall, 2006.
［5］Jones A, Valli C. Building a digital forensic laboratory ［M］. Burlington, Massachusetts, USA: Elsevier, Inc, 2009.
［6］Halderman J, Schoen S, Heninger A, et al. Lest we remember  Cold boot attacks on encryption

keys ［C］// van Oorschot P. Proceedings of the 17th

USENIX Security Symposium. San Jose, California, USA: USENIX Association, 2008: 4560.
［7］Garber L. EnCase: A case study in computerforensic technology ［J］. IEEE Computer, 2001, 34(1): 202205.
［8］Negus C. Live Linux CDs: Building and customizing bootable ［M］. Upper Saddle River, New Jersey, USA: Prentice Hall, 2007.
［9］Pogue C, Altheide C, Haverkos T. UNIX and Linux forensic analysis DVD toolkit ［M］. Burlington, Mass. USA: Syngress Publishing, 2008.
［10］Adelstein F. Live forensics: Diagnosing your system without killing it first ［J］. Communications of the ACM, 2006, 49(2): 6366.
［11］Dang Q. SP 800107: Recommendation for applications using approved hash algorithms ［R］. Gaithersburg, Maryland, USA: National Institute of Standards and Technology, 2009.
［12］Jansen W, Ayers R. SP 800101: Guidelines on cell phone forensics ［R］. Gaithersburg, Maryland, USA: National Institute of Standards and Technology, 2007.

编辑推荐 0

Metrics

阅读次数

全文

409

HTML			PDF

最新录用	在线预览	正式出版	最新录用	在线预览	正式出版
0	0	0	0	0	409

来源	本网站	其他网站

次数	33	376
比例	8%	92%

摘要

3324

最新录用	在线预览	正式出版

0	0	3324

来源	本网站	其他网站

次数	276	3048
比例	8%	92%

[1]	陆海军, 于秀源, 谢琪. 可证安全的常数长度无证书聚合签名方案 [J]. 上海交通大学学报（自然版）, 2012, 46(02): 259-263.
[2]	王晶晶, 陈克非. 序列快速傅里叶攻击的改进 [J]. 上海交通大学学报（自然版）, 2012, 46(02): 285-288.
[3]	叶禾田, 蔡昀璋. 基于无硬盘Honeypot的入侵防御系统[J]. 上海交通大学学报（自然版）, 2012, 46(02): 289-295.

数字取证平台技术的研发

Research and Development of Digital Forensics Platforms

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 3

编辑推荐 0

Metrics

本文评价