检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:李威[1] 廖健[2] 曾剑平[2] Li Wei;Liao Jian;Zeng Jianping(Information Center, China Tobacco Zhejiang Industrial Co. , Ltd. , Hangzhou 310001, Zhejiang, China;School of Computer Science, Fudan University, Shanghai 200433, China)
机构地区:[1]浙江中烟工业有限责任公司信息中心,浙江杭州310001 [2]复旦大学计算机科学技术学院,上海200433
出 处:《计算机应用与软件》2019年第2期329-333,共5页Computer Applications and Software
摘 要:微信是目前公众使用频率极高的一款即时通信软件,为公众带来极大的便利。但同时也给不法分子带来新的机会,许多违法犯罪行为在微信平台上发生。设计一种PC版微信的内存分析方法,借助第三方工具pmdump得到微信应用的内存文件并对其进行分析,描述该方法的思路和具体步骤。特别针对文本、表情等多种不同类型信息撤回时,对内存文件中的特征变化进行分析。该方法对于微信应用的内存取证分析、撤回信息分析的应用场景具有一定参考价值。Nowadays, Wechat is a kind of instant messaging software with high frequency used by the public. It brings great convenience to the public. However, it also brings new opportunities to the lawless persons. Many criminal activities take place on the platform of WeChat. The paper designed memory analysis method for WeChat in PC version. The third-party tool pmdump was utilized to get memory files in WeChat and the files were analyzed. We described the ideas and concrete steps. The feature changes in the memory file were analyzed especially when text, expression and other different types of information were revoked. This method has a certain reference for the application scenarios in which we need to analyze the memory forensics and the revoking message in WeChat.
分 类 号:TP3[自动化与计算机技术—计算机科学与技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28