检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:邹锦沛[1] 何思乐[1] 许志光[1] 姚兆明[1] 黎耀明[1] 许榕生[2] 麦永浩[3] 范晓曦[1]
机构地区:[1]香港大学计算机系,香港999077 [2]中国科学院高能物理研究所,北京100039 [3]湖北警官学院,武汉430034
出 处:《中国司法鉴定》2012年第5期59-65,共7页Chinese Journal of Forensic Sciences
摘 要:近年来网络犯罪数量呈快速上升的势头,但是却缺乏一种有效的取证方法来处理这些案件。调查人员通常依靠调查大量繁琐的源代码来了解犯罪模型及提取证据,但这种方式需要很多的人力与时间,并可能导致人为错误。为了克服调查人员可能出现的这些潜在错误,我们在本文中提出了一种半自动的方法来解决这些问题。该方法集成了用户视图(基于取证调查人员的高级别研究)和系统视图(基于对源代码的自动分析),来帮助调查人员精确调查的范围。本文应用此方法分析了一个真实案件,证明了方法的可行性,同时帮助调查人员高效地确定了调查范围和犯罪模型。可见这种半自动方法可以对大量有多个来源的电子证据进行有效分析,提高了网络犯罪案件取证的效率和可靠性。There is a rapid rise in cybercrime cases. There does not exist any effective forensic methods to deal with these eybercrime cases. Investigators are required to study the details of a large amount of tedious source in order to understand the crime model and dig out the evidence. This requires a lot of effort and may result in human errors. In order to overcome these potential errors that may cause by the investigators, we propose a semi-automatic approach that integrates the user view (based on a high level study of the forensic investigator) and the system view (based on the automatic analysis of the source codes) to assist investigators in refining the scope of the investigation. The approach has been verified using a real cybercrime case and the method has been shown to be effective in assisting the investigators in refining the scope of investigation and understanding the crime model. The semi-automatic approach has improved the efficiency and reliability of the digital forensic analysis of cybercrime cases involving large volume of digital evidence from multiple sources.
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28