排序方式: 共有230条查询结果,搜索用时 15 毫秒
1.
2.
在实行诉讼对抗制的国家,人们可以通过以下三种方法使信息技术证据成为保护企业利益的一种工具:(1)起诉,包括刑事诉讼;(2)法庭辩护;(3)为规则制定者和企业作出重要决策提供依据。然而,对于什么样的信息技术证据具有可采信性,人们仍有质疑。计算机法学正是研究如何确定、保存、分析及如何提交数字证据的一门新兴的学科。尽管传统上计算机法学被认为是一门滞后的学科,但是澳大利亚《信息技术证据管理指引》还是前瞻性地规定了能使电子证据效力最大化的系统生存周期的一些重要原则。 相似文献
3.
Darrell O. Ricke Ph.D. Philip Fremont‐Smith M.S. James Watkins B.S. Sara Stankiewicz M.S. Tara Boettcher B.S. Eric Schwoebel Ph.D. 《Journal of forensic sciences》2019,64(5):1468-1474
High‐throughput sequencing (HTS) of large panels of single nucleotide polymorphisms (SNPs) provides an alternative or complimentary approach to short tandem repeats (STRs) panels for the analysis of complex DNA mixture forensic samples. For STRs, methods to estimate individual contribution concentrations compare capillary electrophoresis peak heights, peak areas, or HTS allele read counts within a mixture. This article introduces three approaches (mean, median, and slope methods) for estimating individual DNA contributions to forensic mixtures for HTS/massively parallel sequencing (MPS) SNP panels. For SNPs, the major:minor allele ratios or counts, unique to each contributor, were compared to estimate contributor proportion within the mixture using the mean, median, and slope intercept for these alleles. The estimates for these three methods were typically within 5% of planned experimental contributions for defined mixtures. 相似文献
4.
Jong-Hyun Choi M.S. Jungheum Park Ph.D. Sangjin Lee Ph.D. 《Journal of forensic sciences》2020,65(3):966-973
Network-attached storage (NAS) is a system that uses a redundant array of disks (RAID) to create virtual disks comprising multiple disks and provide network services such as FTP, SSH, and WebDAV. Using these services, the NAS's virtual disks store data about individuals or groups, making them a critical analysis target for digital forensics. Well-known storage manufacturers like Seagate, Synology, and NETGEAR use Linux-based software RAID, and they usually support Berkeley RAID (e.g., RAID 0, 1, 5, 6, and 10) as well as self-developed hybrid RAID. Those manufacturers have published data on the introduction and features of hybrid RAID, but there is not enough information to reassemble RAID from a digital forensic perspective. Besides, digital forensic tools (such as EnCase, FTK, X-ways, and RAID Reconstructor) do not support automatic RAID reassembly for hybrid RAID, so research on hybrid RAID reassembly methods is necessary. This paper analyzes the disk array composed of hybrid RAID and explains the layout of disk array, partition layout in hybrid RAID, and hybrid RAID configuration strategy. Furthermore, it suggests parameters that are required for RAID reassembly and then propose a hybrid RAID reassembly procedure using them. Finally, we propose a proof-of-concept tool (Hybrid RAID Reconstructor) that identifies hybrid RAID from disk array and parse RAID parameters. 相似文献
5.
计算机犯罪取证主要围绕证据的获取和证据的分析。主要过程包括保护和勘查现场、获取物理数据、分析数据、追踪源头、提交结果等。计算机反取证就是删除或者隐藏入侵证据,使取证工作无效。反取证技术主要有数据擦除、数据隐藏等,数据擦除是最有效的反取证方法。从取证与反取证两方面分析计算机犯罪的特征,研究反取证技术的根源,可有效地保护国家信息网络安全,打击犯罪。 相似文献
6.
At the time of this writing, Android devices are widely used, and many studies considering methods of forensic acquisition of data from Android devices have been conducted. Similarly, a diverse collection of smartphone forensic tools has also been introduced. However, studies conducted thus far do not normally guarantee data integrity required for digital forensic investigations. Therefore, this work uses a previously proposed method of Android device acquisition utilizing ‘Recovery Mode’. This work evaluates Android Recovery Mode variables that potentially compromise data integrity at the time of data acquisition. Based on the conducted analysis, an Android data acquisition tool that ensures the integrity of acquired data is developed, which is demonstrated in a case study to test tool's ability to preserve data integrity. 相似文献
7.
周延 《辽宁公安司法管理干部学院学报》2011,(4):120-121
证据制度是诉讼制度的核心,证据制度的改革与完善不仅是建立现代司法制度的重要环节,也是实现司法公正的重要保证。举证时限制度作为证据制度不可或缺的组成部分,是实现程序公正的需要。在我国,刑事诉讼法与民事诉讼法并没有真正建立举证时限制度。由于现行的行政诉讼被告举证时限制度设立不久,无论理论还是实务,开掘深度与实践要求差距都较大,存在着许多缺陷和不足。文中在分析我国行政诉讼被告举证时限缺陷的基础上提出了完善我国行政诉讼被告举证时限制度的若干立法建议。 相似文献
8.
Increasingly, Android smartphones are becoming more pervasive within the government and industry, despite the limited ways to detect malicious applications installed to these phones' operating systems. Although enterprise security mechanisms are being developed for use on Android devices, these methods cannot detect previously unknown malicious applications. As more sensitive enterprise information becomes available and accessible on these smartphones, the risk of data loss inherently increases. A malicious application's actions could potentially leave sensitive data exposed with little recourse. Without an effective corporate monitoring solution in place for these mobile devices, organizations will continue to lack the ability to determine when a compromise has occurred. This paper presents research that applies traditional digital forensic techniques to remotely monitor and audit Android smartphones. The smartphone sends changed file system data to a remote server, allowing for expensive forensic processing and the offline application of traditional tools and techniques rarely applied to the mobile environment. The research aims at ascertaining new ways of identifying malicious Android applications and ultimately attempts to improve the state of enterprise smartphone monitoring. An on-phone client, server, database, and analysis framework was developed and tested using real mobile malware. The results are promising that the developed detection techniques identify changes to important system partitions; recognize file system changes, including file deletions; and find persistence and triggering mechanisms in newly installed applications. It is believed that these detection techniques should be performed by enterprises to identify malicious applications affecting their phone infrastructure. 相似文献
9.
Memory forensics has gradually moved into the focus of researchers and practitioners alike in recent years. With an increasing effort to extract valuable information from a snapshot of a computer's RAM, the necessity to properly assess the respective solutions rises as well. In this paper, we present an evaluation platform for forensic memory acquisition software. The platform is capable of measuring distinct factors that determine the quality of a generated memory image, specifically its correctness, atomicity, and integrity. Tests are performed for three popular open source applications, win32dd, WinPMEM, and mdd, as well as for different memory sizes. 相似文献
10.
电子邮件真伪鉴定初探 总被引:1,自引:0,他引:1
电子邮件作为网络沟通常见的形式之一,应用十分广泛,但涉及电子邮件的相关纠纷与犯罪问题也日益突出。很多案件由于无法判明电子邮件证据真实性,而导致诉讼无法正常进行、无奈拖延或者失败。为确定电子邮件证据真实性,对其进行科学鉴定显得十分重要,但电子邮件不同传统的物证、书证鉴定,其本身十分复杂,对其鉴定研究,必须分析常见的伪造形式,以及如何伪造,并在此基础上探讨鉴定的主要思路。 相似文献