排序方式: 共有225条查询结果,搜索用时 15 毫秒
1.
2.
在实行诉讼对抗制的国家,人们可以通过以下三种方法使信息技术证据成为保护企业利益的一种工具:(1)起诉,包括刑事诉讼;(2)法庭辩护;(3)为规则制定者和企业作出重要决策提供依据。然而,对于什么样的信息技术证据具有可采信性,人们仍有质疑。计算机法学正是研究如何确定、保存、分析及如何提交数字证据的一门新兴的学科。尽管传统上计算机法学被认为是一门滞后的学科,但是澳大利亚《信息技术证据管理指引》还是前瞻性地规定了能使电子证据效力最大化的系统生存周期的一些重要原则。 相似文献
3.
The big data era has a high impact on forensic data analysis. Work is done in speeding up the processing of large amounts of data and enriching this processing with new techniques. Doing forensics calls for specific design considerations, since the processed data is incredibly sensitive. In this paper we explore the impact of forensic drivers and major design principles like security, privacy and transparency on the design and implementation of a centralized digital forensics service. 相似文献
4.
目的研究NTFS存储设备的3种数据恢复方式,测试、比较不同方式的恢复效果,促进电子物证检验工作。方法本文针对同一NTFS存储设备,分别使自行设计的NTFS日志检验软件测试基于NTFS日志文件的恢复方式,使用Final Data的快速扫描功能测试基于MFT记录的恢复方式,使用Final Data的完整扫描功能测试基于文件头部存储特征值的恢复方式,比较3种方式的恢复效果,分析各自的恢复原理。结果基于NTFS日志和MFT记录的方式恢复出的信息较全,用时较短,但不适合恢复较长时间之前删除的文件。基于文件头部存储特征值的方式可恢复较长时间前删除的文件,但用时长,不能恢复文件名、创建时间等信息,也不能有效恢复离散存储的文件。结论结合实际情况、综合运用3种方式可有效恢复数据。 相似文献
5.
Darrell O. Ricke Ph.D. Philip Fremont‐Smith M.S. James Watkins B.S. Sara Stankiewicz M.S. Tara Boettcher B.S. Eric Schwoebel Ph.D. 《Journal of forensic sciences》2019,64(5):1468-1474
High‐throughput sequencing (HTS) of large panels of single nucleotide polymorphisms (SNPs) provides an alternative or complimentary approach to short tandem repeats (STRs) panels for the analysis of complex DNA mixture forensic samples. For STRs, methods to estimate individual contribution concentrations compare capillary electrophoresis peak heights, peak areas, or HTS allele read counts within a mixture. This article introduces three approaches (mean, median, and slope methods) for estimating individual DNA contributions to forensic mixtures for HTS/massively parallel sequencing (MPS) SNP panels. For SNPs, the major:minor allele ratios or counts, unique to each contributor, were compared to estimate contributor proportion within the mixture using the mean, median, and slope intercept for these alleles. The estimates for these three methods were typically within 5% of planned experimental contributions for defined mixtures. 相似文献
6.
At the time of this writing, Android devices are widely used, and many studies considering methods of forensic acquisition of data from Android devices have been conducted. Similarly, a diverse collection of smartphone forensic tools has also been introduced. However, studies conducted thus far do not normally guarantee data integrity required for digital forensic investigations. Therefore, this work uses a previously proposed method of Android device acquisition utilizing ‘Recovery Mode’. This work evaluates Android Recovery Mode variables that potentially compromise data integrity at the time of data acquisition. Based on the conducted analysis, an Android data acquisition tool that ensures the integrity of acquired data is developed, which is demonstrated in a case study to test tool's ability to preserve data integrity. 相似文献
7.
计算机犯罪取证主要围绕证据的获取和证据的分析。主要过程包括保护和勘查现场、获取物理数据、分析数据、追踪源头、提交结果等。计算机反取证就是删除或者隐藏入侵证据,使取证工作无效。反取证技术主要有数据擦除、数据隐藏等,数据擦除是最有效的反取证方法。从取证与反取证两方面分析计算机犯罪的特征,研究反取证技术的根源,可有效地保护国家信息网络安全,打击犯罪。 相似文献
8.
Increasingly, Android smartphones are becoming more pervasive within the government and industry, despite the limited ways to detect malicious applications installed to these phones' operating systems. Although enterprise security mechanisms are being developed for use on Android devices, these methods cannot detect previously unknown malicious applications. As more sensitive enterprise information becomes available and accessible on these smartphones, the risk of data loss inherently increases. A malicious application's actions could potentially leave sensitive data exposed with little recourse. Without an effective corporate monitoring solution in place for these mobile devices, organizations will continue to lack the ability to determine when a compromise has occurred. This paper presents research that applies traditional digital forensic techniques to remotely monitor and audit Android smartphones. The smartphone sends changed file system data to a remote server, allowing for expensive forensic processing and the offline application of traditional tools and techniques rarely applied to the mobile environment. The research aims at ascertaining new ways of identifying malicious Android applications and ultimately attempts to improve the state of enterprise smartphone monitoring. An on-phone client, server, database, and analysis framework was developed and tested using real mobile malware. The results are promising that the developed detection techniques identify changes to important system partitions; recognize file system changes, including file deletions; and find persistence and triggering mechanisms in newly installed applications. It is believed that these detection techniques should be performed by enterprises to identify malicious applications affecting their phone infrastructure. 相似文献
9.
Memory forensics has gradually moved into the focus of researchers and practitioners alike in recent years. With an increasing effort to extract valuable information from a snapshot of a computer's RAM, the necessity to properly assess the respective solutions rises as well. In this paper, we present an evaluation platform for forensic memory acquisition software. The platform is capable of measuring distinct factors that determine the quality of a generated memory image, specifically its correctness, atomicity, and integrity. Tests are performed for three popular open source applications, win32dd, WinPMEM, and mdd, as well as for different memory sizes. 相似文献
10.
电子邮件真伪鉴定初探 总被引:1,自引:0,他引:1
电子邮件作为网络沟通常见的形式之一,应用十分广泛,但涉及电子邮件的相关纠纷与犯罪问题也日益突出。很多案件由于无法判明电子邮件证据真实性,而导致诉讼无法正常进行、无奈拖延或者失败。为确定电子邮件证据真实性,对其进行科学鉴定显得十分重要,但电子邮件不同传统的物证、书证鉴定,其本身十分复杂,对其鉴定研究,必须分析常见的伪造形式,以及如何伪造,并在此基础上探讨鉴定的主要思路。 相似文献