共查询到20条相似文献,搜索用时 384 毫秒
1.
一、保全证据公证的先天优势
预防性保全证据公证主要是通过计算机获取并保全电子证据。是保全证据公证的一种。目前,关于计算机取证尚无统一定义.计算机取证方面著名专家和权威人士Judd Robbins对计算机取证做如下界定:“计算机取证不过是将计算机调查和分析技术应用于对潜在的、有法律效力的证据的确定和获取。”取证专家Reith Clint Mark认为计算机取证是“从计算机中发现证据的技术和工具”。 相似文献
2.
计算机犯罪在对人们生活产生影响的同时,也改变着司法实践案件调查取证的方法.由于目前我国对计算机取证的法律法规尚未健全,侦查人员不规范的取证行为直接影响计算机证据的法庭认可.通过指出现存问题,从证据视角分析计算机取证的特点及法律要求,为今后法律法规的进一步健全、计算机取证工作的规范化提供参考. 相似文献
3.
随着互联网的发展,我们的生产和生活都逐步从线下向线上迁移,电子数据已经成为案件审判中最为常见的证据类型,尤其是在与网络有关的知识产权案件中,几乎所有的案件都会涉及电子数据。近期在成都日报社(上诉人)与北京全景视觉网络科技股份有限公司(被上诉人)侵害信息网络传播权纠纷上诉案中,法庭对被上诉人存于易保全取证平台的证据不予采信。①这引起了社会对通过第三方平台取证、存证这一新兴电子证据保全手段的极大关注,尤其是第三方平台取、存之证据的证据效力问题。 相似文献
4.
侦查取证中的讯问技巧,是指侦查人员对犯罪嫌疑人进行讯问时。为突破犯罪嫌疑人的心理防线,促使其如实供述犯罪事实,所采取的诸多讯问策略和方法的总称。侦查人员“初讯”犯罪嫌疑人时,正确运用讯问技巧,对突破案件,固定证据,扩大线索等侦查活动有着非常重要的作用。 相似文献
5.
在刑事诉讼诉讼过程中,侦查人员作为某些案件证据最初的接触者以及取证活动所形成的程序法事实的证据来源主体,由其充当证人参与法庭质证活动具有重要意义,不仅有利于案件真实的发现和实体法律的正确适用,而且有利于激发刑事诉讼各方参与者的主动性,彰显程序自身的公正性,还可有力约束侦查人员的非法取证行为。①因此,侦查人员作证制度具有重要的理论和实践价值,文章拟在相关法律规定的基础上,从作证范围和作证方式两方面对我国侦查人员作证制度进行探究。希望通过对以上两者的探究,提出完善侦查人员作证制度的建议,以促进该制度在司法实践中的具体落实,真正发挥该制度应有的诉讼价值。 相似文献
6.
受贿案大多是“一对一”证据的案件,受贿案的立案率往往高于有罪判决率,其中,最主要的原因就是案件一旦进入起诉或审判环节,犯罪嫌疑人就开始翻供。这就要求案件的侦查人员不仅要有侦查取证的能力,而且还要有对证据的固定能力和对犯罪嫌疑人可能翻供的事实和“理由”... 相似文献
7.
网络犯罪的有效打击依赖于及时获取相关数据。在刑事跨境数据取证场景中,数据的高灭失风险与复杂的取证程序之间的矛盾催生了数据保全的客观需求。数据先行冻结作为一项证据保全措施,针对的是具体案件中可能作为证据使用的数据,在其存在灭失、损毁风险的情况下,通过先行固定该目标数据以化解上述矛盾。数据先行冻结具有附属性、临时性、保全性、非必要性等特征,其功能主要在于服务后续跨境侦查取证措施,不仅可以与各类跨境取证措施相衔接,同时对于国家主权和公民个人信息保护等权益的干预程序亦相对较低,可以有效弱化跨境取证中的规则冲突。在其具体程序建构中,需要国内法和国际法相配合以提供正当性基础,明确其程序要素,并着重为网络信息业者和个人信息主体提供必要的权益保障机制。 相似文献
8.
9.
毒品犯罪案件有许多不同于普通刑事案件的特殊性,毒品案件中的证据又具有相对的单一性,必须当场缴获毒品和毒资才能证实犯罪。本文结合缉毒侦查中的具体情况,强调办理毒品案件必须增强证据意识,要把握好破案的时机,适时取证;收集证据一定要十分仔细,获取的证据应做好固定保全工作,并特别注意取证的合法性;采用技术侦察手段须把握住一条底线:不得诱人犯罪;应正确运用推定规则判定“明知”,对推定结论允许以确凿的事实予以反驳。 相似文献
10.
数字证据的性质及相关规则 总被引:7,自引:0,他引:7
“数字证据”在概念上区别于“计算机证据”、“电子证据”和“数据电文” ,在类型上不同于视听资料和书证。“数字证据”本身具有高科技性、客观真实性、外延广泛性的特点 ;针对数字证据的特性 ,应建立其相应的规则体系 ,并引入鉴定、公证和保全行为 ,使数字证据的证明力有充分的保障。 相似文献
11.
The increasing popularity of cryptography poses a great challenge in the field of digital forensics. Digital evidence protected by strong encryption may be impossible to decrypt without the correct key. We propose novel methods for cryptographic key identification and present a new proof of concept tool named Interrogate that searches through volatile memory and recovers cryptographic keys used by the ciphers AES, Serpent and Twofish. By using the tool in a virtual digital crime scene, we simulate and examine the different states of systems where well known and popular cryptosystems are installed. Our experiments show that the chances of uncovering cryptographic keys are high when the digital crime scene are in certain well-defined states. Finally, we argue that the consequence of this and other recent results regarding memory acquisition require that the current practices of digital forensics should be guided towards a more forensically sound way of handling live analysis in a digital crime scene. 相似文献
12.
在虚拟犯罪现场固定数字证据前,需要在大量数据中搜索和定位与案件事实相关联的数字证据。为了及时准确定位数字证据,必须依赖计算机相关技术,虚拟现场常采用的搜索技术包括基于字符串的搜索技术、基于特征码的搜索技术、基于数字指纹的搜索技术、基于痕迹信息的搜索技术等。 相似文献
13.
This paper discusses the use of communication technology to commit crimes, including crime facts and crime techniques. The analysis focuses on the security of voice over Internet protocol (VoIP), a prevention method against VoIP call attack and the attention points for setting up an Internet phone. The importance of digital evidence and digital forensics are emphasised. This paper provides the VoIP digital evidence forensics standard operating procedures (DEFSOP) to help police organisations and establishes an experimental platform to simulate phone calls, hacker attacks and forensic data. Finally, this paper provides a general discussion of a digital evidence strategy that includes VoIP for crime investigators who are interested in digital evidence forensics. 相似文献
14.
David Chaikin 《Crime, Law and Social Change》2006,46(4-5):239-256
Cyber attackers are rarely held accountable for their criminal actions. One explanation for the lack of successful prosecutions of cyber intruders is the dependence on digital evidence. Digital evidence is different from evidence created, stored, transferred and reproduced from a non-digital format. It is ephemeral in nature and susceptible to manipulation. These characteristics of digital evidence raise issues as to its reliability. Network-based evidence – ie digital evidence on networks – poses additional problems because it is volatile, has a short life span, and is frequently located in foreign countries. Investigators face the twin obstacles of identifying the author of a cyber attack and proving that the author has “guilty knowledge.” Even more is at stake when the cyber attacker is a trusted insider who has intimate knowledge of the computer security system of the organisation. As courts become more familiar with the vulnerabilities of digital evidence, they will scrutinise the reliability of computer systems and processes. It is likely that defence counsel will increasingly challenge both the admissibility and the weight of digital evidence. The law enforcement community will need to improve competencies in handling digital evidence if it is to meet this trend. 相似文献
15.
《Digital Investigation》2014,11(2):90-101
This paper defines a model of a special type of digital forensics tools, known as data acquisition tools, using the formal refinement language Event-B. The complexity and criticality of many types of computer and Cyber crime nowadays combined with improper or incorrect use of digital forensic tools calls for more robust and reliable specifications of the functionality of digital forensics applications. As a minimum, the evidence produced by such tools must meet the minimum admissibility standards the legal system requires, in general implying that it must be generated from reliable and robust tools. Despite the fact that some research and effort has been spent on the validation of digital forensics tools by means of testing, the verification of such tools and the formal specification of their expected behaviour remains largely under-researched. The goal of this work is to provide a formal specification against which implementations of data acquisition procedures can be analysed. 相似文献
16.
The dramatic increase in crime relating to the Internet and computers has caused a growing need for digital forensics. Digital forensic tools have been developed to assist investigators in conducting a proper investigation into digital crimes. In general, the bulk of the digital forensic tools available on the market permit investigators to analyse data that has been gathered from a computer system. However, current state-of-the-art digital forensic tools simply cannot handle large volumes of data in an efficient manner. With the advent of the Internet, many employees have been given access to new and more interesting possibilities via their desktop. Consequently, excessive Internet usage for non-job purposes and even blatant misuse of the Internet have become a problem in many organisations. Since storage media are steadily growing in size, the process of analysing multiple computer systems during a digital investigation can easily consume an enormous amount of time. Identifying a single suspicious computer from a set of candidates can therefore reduce human processing time and monetary costs involved in gathering evidence. The focus of this paper is to demonstrate how, in a digital investigation, digital forensic tools and the self-organising map (SOM)--an unsupervised neural network model--can aid investigators to determine anomalous behaviours (or activities) among employees (or computer systems) in a far more efficient manner. By analysing the different SOMs (one for each computer system), anomalous behaviours are identified and investigators are assisted to conduct the analysis more efficiently. The paper will demonstrate how the easy visualisation of the SOM enhances the ability of the investigators to interpret and explore the data generated by digital forensic tools so as to determine anomalous behaviours. 相似文献
17.
Although scholars and law enforcement administrators have provided input on how local law enforcement is responding to various forms of computer crime and how officers perceive of it, patrol officers have been rarely surveyed to understand their perceptions of computer crime. Examining officer perceptions is vital considering that patrol officers are being asked to be more effective first responders to digital forensic crime scenes as a critical step in combating computer crimes at the local level. This study therefore addressed this gap by surveying patrol officers in two southeastern cities regarding their perceptions of computer crime, specifically regarding its uniqueness, offenders and targets, and seriousness and frequency in comparison to traditional forms of crime. Results indicated that many officers do not have strong opinions on several aspects of computer crime. However, they perceive it to be a serious problem and consider some computer crimes to be as serious as traditional forms of crime. 相似文献
18.
Digital devices now play an important role in the lives of many in society. Whilst they are used predominantly for legitimate purposes, instances of digital crime are witnessed, where determining their usage is important to any criminal investigation. Typically, when determining who has used a digital device, digital forensic analysis is utilised, however, biological trace evidence or fingerprints residing on its surfaces may also be of value. This work provides a preliminary study which examines the potential for fingerprint recovery from computer peripherals, namely keyboards and mice. Our implementation methodology is outlined, and results discussed which indicate that print recovery is possible. Findings are intended to support those operating at-scene in an evidence collection capacity. 相似文献
19.
《Digital Investigation》2007,4(3-4):146-157
Post-event timeline reconstruction plays a critical role in forensic investigation and serves as a means of identifying evidence of the digital crime. We present an artificial neural networks based approach for post-event timeline reconstruction using the file system activities. A variety of digital forensic tools have been developed during the past two decades to assist computer forensic investigators undertaking digital timeline analysis, but most of the tools cannot handle large volumes of data efficiently. This paper looks at the effectiveness of employing neural network methodology for computer forensic analysis by preparing a timeline of relevant events occurring on a computing machine by tracing the previous file system activities. Our approach consists of monitoring the file system manipulations, capturing file system snapshots at discrete intervals of time to characterise the use of different software applications, and then using this captured data to train a neural network to recognise execution patterns of the application programs. The trained version of the network may then be used to generate a post-event timeline of a seized hard disk to verify the execution of different applications at different time intervals to assist in the identification of available evidence. 相似文献
20.
《Science & justice》2021,61(6):761-770
Many criminal investigations maintain an element of digital evidence, where it is the role of the first responder in many cases to both identify its presence at any crime scene, and assess its worth. Whilst in some instances the existence and role of a digital device at-scene may be obvious, in others, the first responder will be required to evaluate whether any ‘digital opportunities’ exist which could support their inquiry, and if so, where these are. This work discusses the potential presence of digital evidence at crime scenes, approaches to identifying it and the contexts in which it may exist, focusing on the investigative opportunities that devices may offer. The concept of digital devices acting as ‘digital witnesses’ is proposed, followed by an examination of potential ‘digital crime scene’ scenarios and strategies for processing them. 相似文献