摘要
USB设备的种种优势使它很快普及起来,同时也被用于违规行为。如存储非法数据、盗窃专有数据、发布恶意软件等。因此在信息安全调查分析中,需要有一定的方法去调查和分析USB存储设备的使用。调查往往涉及确定一个USB设备是否在一个系统中使用过,以及确定是被哪一个特定的用户使用过。本文将从注册表、链接文件、还原点、关键字搜索等方面提出USB设备使用痕迹调查的方法与实现,旨在为同类型的数据调查提供一定借鉴思路。
All the advantages of USB devices make it quickly popularity spread, while also being used for illegal acts, such as: illegal storage, theft ofpropnetary, published by malicious software. Therefore, in the investigation and analysis of information security, it need to have some way to investigate and analyze the use of USB devices. It often involve determining whether a USB device is used in a system, and is used to which particular user. Methods of USB device using traces regard to the investigation is presented in this article. From the registry, linked files, restore points and keyword-search is designed to provide reference for the same type of investigation.
出处
《网络安全技术与应用》
2014年第6期7-8,共2页
Network Security Technology & Application
