摘要
计算机犯罪证据的固定是计算机取证的第一步。通过技术手段固定证据和保证证据的有效性是当前计算机取证研究工作面临的两个重要问题。主要包括静态取证,动态取证和网络取证。系统应用一系列计算机技术制定了一套规范的取证流程为电子证据成为诉讼证据奠定了基础。
The first step of Computer Forensic is solidification of suspect data. Thetwo Critical problems need to be solved are to solidify suspect data and confirmthe validation of the data. It includes static evidence, dynamic evidence and net-work evidence. Through the application of computer technology, the system setsup a legal workflow to found the base of electronic data being as litigation evidence.
出处
《网络安全技术与应用》
2004年第5期32-34,共3页
Network Security Technology & Application
基金
"十五"国家科技攻关计划"打击计算机犯罪侦查技术研究"(035005)资助.
关键词
信息安全
计算机安全
计算机取证
犯罪证据
网络数据包
Computer forensic
evidence solidification
static evidence
dynamicevidence
network evidence
workflow
