摘要
作为计算机犯罪侦查中重要的证据与线索来源,用户行为信息在揭示犯罪分子操作细节方面发挥着重要作用。文章在阐述快捷方式文件结构格式的基础上,重点分析Recent文件夹下快捷方式文件随用户行为的变化情况,并结合实例说明基于该文件夹下快捷方式文件解析用户行为的具体步骤与方法。电子数据取证实践证明,所述方法准确高效。
As important evidences and clue sources in computer crime investigation, the information of useractivity plays an important role in the aspect of revealing detail of offender's operation. Based on analysis of data structure for shortcut files, this paper analyses the change situation of shortcut files in recent folder with user activityemphasisly, and illustrates the method of analysis of user activity based on shortcut files in recent folder with real case. The method is proved to be accurate and efficient in real work of digital investigation.
出处
《信息网络安全》
2013年第5期22-24,共3页
Netinfo Security
基金
公安部应用创新计划项目[2011YYCXXJXY121]