Similar literature
20 similar documents found; search time 15 ms
1.
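To reconstruct the crime scene, find leads, and ultimately bring the suspect to justice, analysis of system log files is very important. This paper introduces computer forensics and system log files, and discusses methods for extracting, preserving, authenticating, and analyzing system log files.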

2.
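To effectively improve the efficiency of electronic evidence protection, an improved Elliptic Curve Digital Signature Algorithm (ECDSA) is applied to the protection of electronic evidence. The improved ECDSA avoids the inversion operation in the signing phase. Compared with the traditional ECDSA, the improved algorithm effectively increases execution efficiency. Experimental comparison and security analysis of the algorithm show that the improved ECDSA is suitable for digital signing and verification of electronic evidence and can increase the speed of electronic evidence protection.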

3.
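Computer security forensics is an interdisciplinary field of law and computer science, and it must be studied with this particular nature in mind. Separating law from technology in this field leads to errors in legal determination and disorder in technique. Computer forensics can only be studied by combining law with computer technology. This paper sets out the legal issues related to computer forensics, focuses on the process, methods and tools of computer forensics, and gives an example of a computer forensics experiment. It identifies the shortcomings of current laws and regulations and of computer forensics technology in this field, and points out the further improvement of laws and regulations, the standardization of computer forensics work, and the development trends of computer forensics technology.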

4.
Star & Horizon sensor based autonomous navigation methods play an increasingly important role in spacecraft celestial navigation. However, the measurements of star sensors and horizon sensor are frequently affected by uncertain noises from space environment. To improve the estimation precision, a state estimation algorithm named Switch Strong Tracking Unscented Kalman Filter (SSTUKF) is presented. Firstly, the adaptive fading factor is deduced through the adoption of unknown instrumental diagonal matrixes to real time rectify the measurement covariance matrix. Secondly, according to the deduction of Chebyshev law of large numbers, innovation criterion is introduced during estimation to decrease the unnecessary calculation. Finally, SSTUKF is suggested through the adoption of adaptive fading factor and innovation criterion. The filter can switch between the normal filter mode and adaptive filter mode. As the calculation of innovation criterion is less than the adaptive fading factor, SSTUKF improves the estimation efficiency. To demonstrate the effectiveness, SSTUKF is applied to Star & Horizon sensor based autonomous navigation system with uncertain measurement noises. The simulation results verify the proposed algorithm.

5.
In forensic investigations, it is vital that the authenticity of digital evidence should be ensured. In addition, technical means should be provided to ensure that digital evidence collected cannot be misused for the purpose of perjury. In this paper, we present a method to ensure both authenticity and non-misuse of data extracted from wireless mobile devices. In the method, the device ID and a timestamp become a part of the original data and the Hash function is used to bind the data together. Encryption is applied to the data, which includes the digital evidence, the device ID and the timestamp. Both symmetric and asymmetric encryption systems are employed in the proposed method where a random session key is used to encrypt the data while the public key of the forensic server is used to encrypt the session key to ensure security and efficiency. With the several security mechanisms that we show are supported or can be implemented in wireless mobile devices such as the Android, we can ensure the authenticity and non-misuse of data evidence in digital forensics.

6.
Traditional approaches to digital forensics reconstruct events within digital systems that often are not built for the creation of evidence; however, there is an emerging discipline of forensic readiness that examines what it takes to build systems and devices that produce digital data records for which admissibility is a requirement. This paper reviews the motivation behind research in this area, a generic technical solution that uses hardware-based security to bind digital records to a particular state of a device and proposed applications of this solution in concrete, practical scenarios. Research history in this area, the notion of secure digital evidence and a technical solution are discussed. A solution to creating hardware-based security in devices producing digital evidence was proposed in 2012. Additionally, this paper revises the proposal and discusses three distinct scenarios where forensic readiness of devices and secure digital evidence are relevant. It shows how the different requirements of the three scenarios can be realized using a hardware-based solution. The scenarios are: lawful interception of voice communication, automotive black box, precise farming. These three scenarios come from very distinctive application domains. Nevertheless, they share a common set of security requirements for processes to be documented and data records to be stored.

7.
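Research on computer forensics technology   Total citations: 2, self-citations: 0, citations by others: 2
Starting from the background of the development of computer forensics, this paper analyzes and discusses its definition, principles and steps, the tools and techniques involved, its current state of development, and the problems it faces. Using the forensic software TCT, the forensic process and results are studied, and technical countermeasures to "anti-forensics" are given.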

8.
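To reconstruct the crime scene, find leads, and ultimately bring the suspect to justice, analysis of system log files is very important. This paper introduces computer forensics and system log files, and discusses methods for extracting, preserving, authenticating, and analyzing system log files.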

9.
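With the rapid development of image processing technology, digital images are widely used on the Internet. At the same time, tampered images that are visually hard to detect are increasingly widespread. Passive digital image forensics, a technique that authenticates an image's genuineness and source without relying on any pre-extracted signature or pre-embedded information, is becoming an emerging research focus in multimedia security and has broad application prospects.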

10.
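The ultimate goal of a network forensics system is to provide reliable digital evidence to the court, and storing the massive data of a high-speed network forensics system is a challenge. This article proposes an effective storage model that stores massive amounts of evidence and establishes an evidence acquisition platform.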

11.
    
Since its birth in the early '90s, digital forensics has been mainly focused on collecting and examining digital evidence from computers and networks that are controlled and owned by individuals or organizations. As cloud computing has recently emerged as a dominant platform for running applications and storing data, digital forensics faces well-known challenges in the cloud, such as data inaccessibility, data and service volatility, and law enforcement lacks control over the cloud. To date, very little research has been done to develop efficient theory and practice for digital forensics in the cloud. In this paper, we present a novel framework, Cloud Foren, which systematically addresses the challenges of forensics in cloud computing. Cloud Foren covers the entire process of digital forensics, from the initial point of complaint to the final point where the evidence is confirmed. The key components of Cloud Foren address some challenges, which are unique to the cloud. The proposed forensic process allows cloud forensic examiner, cloud provider, and cloud customer to collaborate naturally. We use two case studies to demonstrate the applicability of Cloud Foren. We believe Cloud Foren holds great promise for more precise and automatic digital forensics in a cloud computing environment.

12.
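A trusted preservation method for electronic data forensics   Total citations: 3, self-citations: 0, citations by others: 3
Building on an introduction to traditional methods of electronic data preservation, and in line with the concept of trusted forensics, this paper gives a supporting framework for the trustworthiness of the static attributes of electronic data and a trusted preservation method. Using DSA digital signatures and timestamp technology, combined with a third-party assurance scheme based on confirmer digital signatures, it studies a concrete trusted preservation algorithm for electronic data. Through formal analysis, constraint rules for the trustworthiness of the static attributes of electronic data are defined and described, supporting trusted preservation of electronic data. Using a forensic case, a formal analysis of trusted forensics is carried out with the summarized axioms and rules. The results show that the method can perform trusted preservation of electronic evidence.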

13.
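A Multi-Agent-based computer forensics model for real-time communication software is proposed, and the overall system structure, the design of the main modules, and the key technologies used are given. The system uses distributed technology and can accurately and comprehensively recover, collect, and analyze the communication records of real-time communication software and produce a forensic report.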

14.
    
Memory analysis is one of the key techniques in computer live forensics. Especially, the analysis of a Mac OS X operating system's memory image file plays an important role in identifying the running status of an Apple computer. However, how to analyze the image file without using extra "mach-kernel" file is one of the unsolved difficulties. In this paper, we firstly compare several approaches for physical memory acquisition and analyze the effects of each approach on physical memory. Then, we discuss the traditional methods for the physical memory file analysis of Mac OS X. A novel physical memory image file analysis approach without using extra "mach-kernel" file is proposed based on the discussion. We verify the performance of the new approach on Mac OS X 10.8.2. The experimental results show that the proposed approach is simpler and more practical than previous ones.

15.
    
Cyber-crimes are growing rapidly, so it is important to obtain the digital evidence on the web page. Usually, people can examine the browser history on the client side and data files on the server side, but both of them have shortcomings in real criminal investigation. To overcome the weakness, this paper designs a web page forensic scheme to snapshot the pages from web servers with the help of web spider. Also, it designs several steps to improve the trustworthiness of these pages. All the pages will be dumped in local database which can be presented as reliable evidence in court.

16.
Verifying the integrity of a hard disk is an important concern in computer forensics, as the law enforcement party needs to confirm that the data inside the hard disk have not been modified during the i...

17.
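To address problems such as image splicing destroying the continuity of edge pixels, this paper proposes a color image splicing localization algorithm based on double-traversal peaks and dilation filtering. The algorithm first computes row and column differences on the image under test to determine the double-traversal peaks, then fuses the splicing points of the R, G and B channels to obtain complete splicing point information, and uses dilation filtering from mathematical morphology to strengthen splicing edges and weaken the effect of noise. Simulation results show that the color image splicing localization algorithm has low time and space complexity, can effectively detect the region, size and shape of image splicing forgeries, and can accurately locate the forged region. The research can be applied in image forensics and related industries.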

18.
    
Cloud computing is becoming the developing trend in the information field. It causes many transforms in the related fields. In order to adapt to such changes, computer forensics is bound to improve and integrate into the new environment. This paper stands on this point and suggests a computer forensic service framework which is based on security architecture of cloud computing and requirements needed by cloud computing environment. The framework introduces honey farm technique, and pays more attention to active forensics, which can improve case handling efficiency and reduce the cost.

19.
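Electronic evidence is a new type of evidence that arose with the emergence and development of computer technology. As traditional crime becomes increasingly computerized, electronic evidence appears with growing frequency and in a widening range of cases, and has become an important part of the body of evidence.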

20.
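To address the over-reliance of current network forensics data filtering methods on prior knowledge, a method for filtering network forensics data based on artificial immune network clustering is proposed. The method treats forensic data as antigens and B cells with a dynamic scope as the nodes of the artificial immune network; it evolves the network according to the membership degree between antigens and the artificial immune network and the stimulation level of the B cells, and screens forensic data according to a filtering threshold criterion. Experimental results show that, without prior knowledge and with the time window and filtering threshold reasonably chosen to ensure a high detection rate, the algorithm provides a high data compression ratio. The method can effectively establish the scope of the investigation data and helps improve the efficiency of forensic analysis.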
