| 基于Windows 平台的动态取证系统 |
| |
| 引用本文: | 文少勇,王箭,李剑.基于Windows 平台的动态取证系统[J].计算机系统应用,2012,21(2):13-17. |
| |
| 作者姓名: | 文少勇 王箭 李剑 |
| |
| 作者单位: | 1. 南京航空航天大学计算机科学与技术学院,南京,210016
2. 南昌陆军学院战斗实验室,南昌,330103 |
| |
| 摘 要: | 针对目前一些动态取证模型的不足,在分布式网络取证模型的基础上设计了一个基于Windows平台的动态取证系统,能够实现网络中的计算机作为作案目标和作案工具双重角色时的取证,具有实时获取多种数据源、取证过程隐秘、取证分析算法可扩展等特点。介绍了动态取证系统中各功能模块设计,并阐述了系统设计中涉及到的关键技术,最后通过模拟测试表明该系统能够在Windows网络下实现动态取证。
|
| 关 键 词: | 计算机取证 动态取证 获取技术 隐秘技术 |
| 收稿时间: | 2011/5/24 0:00:00 |
| 修稿时间: | 2011/6/10 0:00:00 |
Dynamic Forensics System Based on Windows Platform |
| |
| WEN Shao-Yong,WANG Jian and LI Jian.Dynamic Forensics System Based on Windows Platform[J].Computer Systems& Applications,2012,21(2):13-17. |
| |
| Authors: | WEN Shao-Yong WANG Jian and LI Jian |
| |
| Affiliation: | (College of Computer Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 210016,China) 2(Battle Laboratory,Nanchang Army College,Nanchang 330103,China) |
| |
| Abstract: | In view of the shortages of some dynamic forensics model at present,this paper designs a dynamic forensics system in distributed network forensics model based on Windows platform,which can realize obtaining evidence on the computers that plays a dual role on the network as crime goals and crime tools,and have the characteristic of real-time accessing various data sources,forensics process secretive,forensic analysis algorithm extensible etc.This paper introduces the designing of each function module in the dynamic forensics system at first.Second,it lays out the key technology that appears in the design process of the system.Finally,simulation test indicates that the system can realize dynamic forensics in Windows network. |
| |
| Keywords: | computer forensics dynamic forensics acquire technology hiding technology |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机系统应用》浏览原始摘要信息 |
|
点击此处可从《计算机系统应用》下载全文 |
|
