Abstract
Web mining trojans have become one of the most significant network security threats worldwide because they are highly concealed and spread readily. At present, the forensic process and technical methods for web mining trojans remain incomplete. A review of the forensic process on different operating systems such as Android, Windows and Linux shows that the "four-dimensional forensics" method, based on the network data layer, the web page code layer, trusted timestamps and the fixation of other trojans as evidence, is an effective forensic method for web mining trojans.
Authors
冯越
封梦
FENG Yue;FENG Meng
Source
Journal of Jiangsu Police Institute (《江苏警官学院学报》)
2023, No. 3, pp. 116-122 (7 pages)
Keywords
web mining trojan
forensic process
methods of obtaining evidence