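Abstract
With the development of information technology, computer forensics is gradually becoming a focus of research and attention. Computer forensics studies how to provide thorough, effective and secure techniques for investigating computer crime; the key is to ensure that evidence is authentic, reliable, complete and compliant with legal requirements. This paper analyzes the process, principles and implementation of static forensics, which is passive and performed after the event, and of dynamic forensics, which is proactive and based on network intrusion detection before the event, and also discusses the security of the forensic mechanism itself.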
With the development of information technology, computer forensics has become a new focus. Computer forensics is a technology field that attempts to provide thorough, efficient, and secure means to investigate computer crime. Computer evidence must be authentic, accurate, complete and convincing to juries. In this paper, the stages of static computer forensics, performed after the event, are presented, and the theory and realization of dynamic computer forensics, performed before the event, are described. Finally, the security of the forensics system itself is discussed.
Source
《农业网络信息》
2005, Issue 9, pp. 58-61 (4 pages)
Agriculture Network Information
Keywords
Computer crime
Static forensics
Dynamic forensics
Intrusion detection
Artificial intelligence
Data mining
Computer crime
Static evidence
Dynamic evidence
Intrusion detection
Artificial intelligence
Data mining