| 计算机系统遭到犯罪入侵后的电子证据取证 |
| |
| 引用本文: | 吴小平,蔡梅娟.计算机系统遭到犯罪入侵后的电子证据取证[J].河北公安警察职业学院学报,2007,7(2):62-64. |
| |
| 作者姓名: | 吴小平 蔡梅娟 |
| |
| 作者单位: | 1. 江西省公安专科学校,江西,南昌,330043
2. 江西省赣州市公安局,江西,赣州,341000 |
| |
| 摘 要: | 电子证据没有传统证据所拥有的永恒性,电子犯罪的调查和起诉,调查人员必须根据在某种交易已经完成后的记录来立案。一旦探测到受到入侵,你有两种选择方案来对付—将系统和网络断开,开始取证,或者仍旧让系统联网,尝试监控入侵者。利用正确的工具,具备所有器件如何工作的知识,就是收集所需证据需要的一切。
|
| 关 键 词: | 电子证据 监控入侵者 原始数据的处理 |
| 文章编号: | 1672-6405(2007)02-0062-03 |
| 修稿时间: | 2006年10月19 |
On Means of Obtaining Electronic Evidence after the Criminal Invasion of the Computer System |
| |
| Wu Xiaoping,Cai Meijuan.On Means of Obtaining Electronic Evidence after the Criminal Invasion of the Computer System[J].Journal of Hebei Vocational College of Public Security Police,2007,7(2):62-64. |
| |
| Authors: | Wu Xiaoping Cai Meijuan |
| |
| Abstract: | Electronic evidence cannot last as long as traditional evidence. Investigators of electronic crime place a case on file according to the record of completing a trade. Once checked to have been invaded, the computer system can be cut off from the internet to begin obtaining evidence, or as an alternative, the system can be still on line to monitor the invaders. Necessary evidence can be obtained with proper tools and knowledge of how all parts work in a computer system. |
| |
| Keywords: | electronic evidence monitor the invaders the process of original data |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
