摘要
随着计算机犯罪的不断增加,电子数据取证技术(digitalforensictechnology)越来越受到人们的重视.电子数据证据不同于传统的犯罪证据,它们更加容易消失和被破坏,为了获得完整可信的电子数据证据,提出应在敏感主机中预先安装设置电子数据证据收集系统(digitalevidencecollectingsystem,DECS),用来收集系统中的相关证据.由于DECS的某些模块往往存在于被攻击系统之中,提出使用安全隔离环境是保护电子数据证据收集机制有效的方法,并设计了一个安全保护机制——ILOMAC.
Research regarding digital forensic technologies has become more active with the recent increases in illegal accesses to computer systems. Digital evidence is easy to modify and erase. In order to collect the evidence with integrity and fidelity, digital evidence collecting system which is set in the target system in advance is proposed to collect digital evidence for purpose. And the security of forensic mechanisms themselves is another serious problem. Based on the analysis of relative researches, secure area is proposed to protect forensic mechanisms from attacking.
出处
《计算机研究与发展》
EI
CSCD
北大核心
2005年第8期1422-1426,共5页
Journal of Computer Research and Development
基金
国家自然科学基金项目(60073022)
国家"八六三"高技术研究发展计划基金项目(863306ZD12142)
中国科学院知识创新工程基金项目(KGCX109)