The Research on Integrity Technique of Network-Based Forensic (网络取证完整性技术研究)

Cited by: 6
Abstract: To meet the requirements of judicial forensics and to account for the characteristics of network data, a network-based dynamic electronic forensic model is proposed, and its overall architecture and related rules are described. To ensure the integrity of the network sessions captured as evidence, a multi-queue caching algorithm based on a two-dimensional linked list is designed for caching data on high-speed networks. The effectiveness of the algorithm is analyzed and tested, and it resolves the key technical problem of the forensic model. Finally, an extensible network forensic system that supports secondary development is implemented using plug-in technology.
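Source: Acta Electronica Sinica (《电子学报》), indexed in EI, CAS, CSCD and the Peking University Core Journals list; 2010, Issue 11, pp. 2529-2534 (6 pages)
Funding: Henan Province Key Science and Technology Program (No.082102210082, No.082102210092)
Keywords: forensic model; two-dimensional linked list; caching algorithm; plug-in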