
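Research on a Trojan-based computer monitoring and forensics system
Cite this article: SHI Wei-qi, ZHANG Bo-yun, LIU Yun. Research on a Trojan-based computer monitoring and forensics system[J]. Computer Engineering and Design, 2007, 28(10): 2300-2302, 2305.
Authors: SHI Wei-qi  ZHANG Bo-yun  LIU Yun
Affiliations: School of Software, Hunan University, Changsha, Hunan 410082; Department of Computer, Hunan Public Security College, Changsha, Hunan 410006; School of Computer, National University of Defense Technology, Changsha, Hunan 410073
Funding: Hunan Province Science and Technology Key Project; Ministry of Public Security Applied Innovation Fund
Abstract: This paper describes the characteristics of commonly used dynamic forensics tools and forensics systems, analyzes forensics models and Trojan techniques, and designs a Trojan-based computer forensics system. By applying key Trojan techniques such as hiding and resistance to detection and removal, the forensics system provides three different forensics methods for covert, real-time, dynamic forensics on monitored targets.

Keywords: Trojan  monitoring and forensics  forensics system  forensics agent  active acquisition  electronic evidence  covert channel
Article ID: 1000-7024(2007)10-2300-03
Revised: 2006-05-06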

Computer monitor and forensics system based on Trojan
SHI Wei-qi,ZHANG Bo-yun,LIU Yun.Computer monitor and forensics system based on Trojan[J].Computer Engineering and Design,2007,28(10):2300-2302,2305.
Authors:SHI Wei-qi  ZHANG Bo-yun  LIU Yun
Affiliation:1. School of Software, Hunan University, Changsha 410082, China; 2. School of Computer, National University of Defense Technology, Changsha 410073, China; 3. Department of Computer, Hunan Public Security College, Changsha 410006, China
Abstract: First, the characteristics of commonly used dynamic computer forensics tools and forensics systems are described. After the forensics model and Trojan technology are analyzed, a computer forensics system based on a Trojan is designed. By utilizing key technologies such as Trojan concealment and anti-scanning, three different kinds of forensics methods are proposed to realize secret, real-time and dynamic forensics of the monitored objects.
Keywords:Trojan  monitor and forensics  forensics system  forensics agent  active obtaining  electronic evidences  covert channel
This article is indexed in CNKI, VIP, Wanfang Data and other databases.