| 网络取证系统及工具分析 |
| |
| 引用本文: | 徐晓琴,龚俭,周鹏.网络取证系统及工具分析[J].微机发展,2005,15(5):139-141. |
| |
| 作者姓名: | 徐晓琴 龚俭 周鹏 |
| |
| 作者单位: | 东南大学计算机科学与工程系江苏省计算机网络技术重点实验室 江苏南京210096
(徐晓琴,龚俭),东南大学计算机科学与工程系江苏省计算机网络技术重点实验室 江苏南京210096(周鹏) |
| |
| 摘 要: | 随着网络技术的发展,计算机网络犯罪总量持续上升,计算机取证工作显得越来越重要。计算机取证分为事后取证和实时取证。早期的实时取证所利用的网络安全工具在取证学角度都存在一定的局限性,它们所产生的数据不能成为法律意义上的证据。由此,网络取证系统应运而生,它对网络入侵事件、网络犯罪活动进行证据获取、保存、分析和还原,弥补了传统安全工具在实时取证中的不足。文中对网络取证系统进行了详细分析,并对目前的一些网络取证工具进行了比较。
|
| 关 键 词: | 网络取证系统 网络取证工具 网络安全 |
| 文章编号: | 1005-3751(2005)05-0139-03 |
| 修稿时间: | 2004年8月19日 |
Analysis of Network Forensics System and Its Tools |
| |
| XU Xiao-qin,GONG Jian,ZHOU Peng.Analysis of Network Forensics System and Its Tools[J].Microcomputer Development,2005,15(5):139-141. |
| |
| Authors: | XU Xiao-qin GONG Jian ZHOU Peng |
| |
| Abstract: | With the development of Web,the quantities of computer crimes are increasing and computer forensics is becoming more and more important.Computer forensics is divided into post-event investigation and real-time investigation.In the early days,network security tools were used in network forensics.But it is limited and the data that they produced can't be regarded as the evidence in the legal meaning.Network forensics system has made up these deficiencies in real-time investigation.It involves capturing,recording,analyzing and reconstructing network audit trails.The paper discusses the network forensics system and a detailed comparison has been made to these tools. |
| |
| Keywords: | network forensics system network forensics analysis tool network security |
| 本文献已被 CNKI 维普 等数据库收录! |
|
