56results about How to "Improve forensics efficiency" patented technology

The invention discloses a Sobel edge detection and image block brightness feature-based blind image tampering forensic method. The method is characterized by comprising the following steps of: converting a to-be-detected suspicious image into a grayscale image; carrying out convolution processing on the grayscale image I (i, j); obtaining a gradient image G (i, j) of the image; carrying out threshold value segmentation on the G (i, j) to obtain the gradient image G (i, j); carrying out binary processing on the gradient image G (i, j) to obtain a binary image W (i, j); carrying 1 pixelation on the binary image; and judging the similarity of two sub-image sets. According to the method, blocking processing is carried out on image sets; through brightness mean value sorting, the forensic algorithm efficiency can be effectively improved; and through comparing the similar brightness values of image blocks, the correctness is further improved and the image forensic efficiency is further improved. According to the method, the problem that the tampered images cannot be correctly detected due to cloning and tampering behaviors of large-scale zooming is solved; and through normalized image block brightness values, the detection result of cloned images with different brightness values is further improved.

The invention discloses a traffic law violation dynamic identification method and system. The method includes the following steps that: images are acquired, and are cached for a predetermined duration; an identification target is determined from the images, and a target identification instruction is generated; the target identification instruction is issued to identify a target feature and / or target behavior; a target tracing instruction is issued to trace a past target behavior based on the cached images; and / or a target tracking instruction is issued to capture an image tracking-post targetbehavior. According to the method of the invention, road monitoring images are viewed in real time through an image acquisition device; vehicles conducting illegal behaviors are automatically trackedthrough the image acquisition device; evidences of the illegal behaviors of the vehicles can be automatically collected through the image acquisition device; and therefore, the complexity of traditional traffic law violation manual image capture and evidence collection can be simplified, the problem of the desynchrony of control signal responses and monitoring images can be fundamentally can be solved, and the efficiency of evidence collection can be improved.

The invention relates to a method for realizing the evidence collection and the analysis of electronic data in evidence collection software based on custom scripts. The method comprises the following steps: compiling the custom scripts by the evidence collection software, and obtaining an evidence collection and analysis object; normalizing the collected electronic data by the evidence collection software according to the compiled custom scripts, and obtaining a corresponding electronic data tree; performing the correlation analysis between the evidence collection and analysis object and the electronic data tree by the evidence collection software, and obtaining the evidence collection and analysis result. Through the adoption of the method for realizing the evidence collection and the analysis of the electronic data in the evidence collection software based on the custom script, the binding between the evidence collection and analysis logic and the evidence collection and analysis software is relieved through the custom script, the software frame of the evidence collection software is relatively open, the evidence collection software cannot be limited by application software during the operation, different custom scripts can be uploaded aiming to different kinds of software, the evidence collection method is flexible and changeable, the evidence collection efficiency is improved, the analysis process is accelerated, and the application range is wider.

The invention discloses a multi-line evidence obtaining method and device based on a block chain, equipment and a storage medium, and belongs to the technical field of block chains. According to the embodiment of the invention, the evidence obtaining request for the target evidence obtaining address is responded to send an evidence obtaining instruction to at least two node devices, therefore, atleast two pieces of video data obtained by recording the content displayed by the target evidence obtaining address by the at least two pieces of node equipment are obtained; the at least two pieces of video data are stored in a local database of the current node equipment, the key information of the at least two pieces of video data is stored in a block chain; the node equipment in the blockchainsystem automatically records the video data and stores the key information to the blockchain, and a multi-line evidence obtaining mode is adopted instead of a client to obtain evidences, so that thelabor cost is reduced, the obtained evidence obtaining data cannot be tampered, the authenticity of the evidence obtaining data can be ensured, and the evidence obtaining efficiency is also improved.

The invention provides a certificate self-help distribution device. The certificate self-help distribution device comprises at least a control host as well as a certificate slot metal plate storage device, a certificate discharging device, a mechanical arm transfer device, a liquid crystal display module, a receipt printer, an identity card identification module, a photographing module which is used for photographing a certificate collector, a fingerprint identification module, a touch signature module and an RFID reading and writing module which is used for writing the information of a certificate into an RFID tag on the corresponding certificate, wherein the certificate slot metal plate storage device, the certificate discharging device, the mechanical arm transfer device, the liquid crystal display module, the receipt printer, the identity card identification module, the photographing module, the fingerprint identification module, the touch signature module and the RFID reading and writing module are in circuit connection with the control host. The certificate collector selects ''collect a certificate oneself '' or ''collect a certificate on behalf of others''; and the certificate collector can complete certificate collection through a process of identity card identification, certificate collector face photographing, fingerprint identification, signing, certificate discharging of a certificate outlet and receipt printing. According to the certificate self-help distribution device, the certificate is read and identified through the RFID tag, so that the certificate self-help distribution device can be applied to different types of certificates. With the certificate self-help distribution device adopted, the technique gap of self-help distribution of paper multi-page certificates in China can be filled.

The invention provides a mobile phone sound record equipment source identification method. Equipment source identification is performed through the frequency band energy difference characteristics. The frequency band energy difference characteristics can represent the average intensity degree of adjacent frequency band response of the equipment so that the mobile phone sound record equipment source can be identified by using the classifier technology.

The invention provides a car insurance claim evidence information collection device which comprises a radio frequency identification module, a camera forensic module, a location positioning module, a display module and a communication module. The radio frequency identification module, the camera forensic module, the location positioning module, the display module and the communication module communicate with a system control module and receive an instruction issued by the system control module. The radio frequency identification module is used to accurately read encrypted vehicle registration information stored in a vehicle electronic identifier on a vehicle. The camera forensic module is used to photograph pictures when car insurance claim evidence information is collected, and carry out image identification on the photographed vehicle pictures to identify a vehicle license plate number from the vehicle pictures. The location positioning module is used to record location latitude and longitude information and forensic time information when photographing is carried out. The communication module is used to automatically send the acquired car insurance claim evidence information to an insurance company or a traffic police department. The system control module is used to control the operation of the modules, record relevant information and display relevant results on the display module. According to the invention, the problems of malicious fraud and the like are solved.

The present invention discloses an improvement method of the ROI (Region of Interest) definition of a capture evidence collection image. The method is able to improve the brightness, enhance the region contour detail and control the region color through eight steps so as to improve the definition of an image. Compared with the prior art, the improvement method of the ROI definition of a capture evidence collection image solves the key problems that a plurality of ROI image parameters in a vehicle video image in a capture evidence collection system cannot perform synchronization adaptive adjustment when the evidence collection and the display of an intelligent traffic video image are performed, the imaging environment, the compression coding and the bright, the color and the definition caused in the transmission process are declined, and the display effect of the ROI video image is bad, etc.

The invention relates to the technical field of blockchain evidence storage, in particular to a blockchain-based offline process evidence obtaining and storing method. The method comprises the following steps that: a server sends an offline evidence obtaining console installation package to a user; a virtual machine operation desktop is constructed for the user to operate, a mouse and keyboard operation process of the user is recorded, a user operation process file is formed and uploaded to the server; the user operation process file is called to construct a virtual machine, the user operation process is restored, and virtual machine desktop images are stored at a certain frequency; the stored desktop images are stored according to a time sequence to form a video, and the video is associated with timestamps so as to be adopted as evidence obtaining data; a preservation certificate is generated, and a compressed data packet is formed; and the compressed data packet is signed and storedand is subjected to digital fingerprint extraction, so that evidence storage data can be formed, the evidence storage data is broadcasted to a block chain network, and anchored to a public block chain. With the method adopted, the concurrent pressure of the server is reduced, the efficiency of the process evidence obtaining of the server is improved, and the process evidence obtaining is more convenient.

The invention discloses a manufacturing method of a simulation fingerprint, and belongs to the technical field of fingerprint recognition. The method comprises the steps that fingerprint pictures provided through a public security system are preprocessed through the image processing technology, and preprocessed images including fingerprint information meeting preset conditions are obtained; a carving method or a 3D printing method is adopted, and a fingerprint mold is manufactured and formed based on the fingerprint information included by the preprocessed images; and the simulation fingerprint is manufactured and formed through the fingerprint mold. By means of the manufacturing method, fingerprint data of the public security organ can be applied to manufacturing the simulation fingerprint, and then the public security organ can conveniently unlock mobile phone screens of corresponding parties through the simulation fingerprint so as to achieve the aim of mobile phone forensics.

The invention discloses an evidence obtaining method and system based on image recognition, computer equipment and a storage medium. The evidence obtaining method comprises the steps that an image collection terminal judges whether a collected latest image is similar to a corresponding historical image or not according to a preset similarity judgment model, so as to obtain a similarity judgment result; if the similarity judgment result is negative, the latest image and the historical image are sent to the user terminal as target image information; a user terminal receives the target image information, and classifies the target image information according to a preset classification model to obtain type information; and an evidence file corresponding to the target image information is generated according to a preset evidence file generation rule and the type information. Based on the similarity matching technology, the evidence obtaining method can quickly and efficiently analyze massivehigh-definition images, can generate corresponding evidence obtaining materials based on the collected high-definition images, and can greatly improve the evidence obtaining efficiency based on the massive high-definition images.

The invention relates to the technical field of a law enforcement instrument and particularly relates to a voice control method and system for the law enforcement instrument. The system comprises a main control module, and a storage module, an identity identification module, a voice acquisition module and an execution module connected with the main control module, wherein the execution module is further connected with the storage module. The system is characterized in that a transmitter is added in the law enforcement instrument, after that the identity of an on-site user is correct is determined, when the voice identification technology is utilized to further confirm that the voice of the user matches the voice of a database, a voice control command of the on-site user is started to identify, before execution of the command, a voice confirmation command of the on-site user is searched, if the positive response is returned, the command is executed immediately. The system is advantagedin that in addition to key operation through hands, the law enforcement instrument is operated through voice, a user is more convenient to operate, evidence obtaining efficiency is improved, evidenceobtaining quality is guaranteed, and evidence obtaining experience is rich.

An embodiment of the invention provides a text-oriented digital forensic analysis method and a device and a computer readable medium. The method comprises the following steps of: preprocessing the text content of the text to be taken as evidence to obtain a plurality of main words; generating an LDA model based on the trained document theme to obtain feature words in the main words, obtaining a plurality of feature words, and determining feature word vectors based on a plurality of feature words; calculating a semantic similarity between the feature word vector and the preset sensitive word vector, and obtaining a semantic similarity maximum vector based on the semantic similarity; and determining whether the text to be taken as evidence is a forensic target based on the semantic similarity maximum vector. According to the text-oriented digital forensic analysis method and the device and the computer readable medium, the technical problems in the prior art of inefficiency and labor wastage is solved, which are caused by only manually browsing the text content to determine whether the text to be taken as evidence is a forensic target when taking evidence of the text content of the text to be taken as evidence , , thereby realizing the technical effect of saving labor costs and improving the forensic efficiency of the text content.

The invention provides a method for obtaining remote data based on a remote control system. The remote control system comprises a client side, a server side, a remote control program module, a network carrier, a remote implantation program module and a remote configuration program module. The remote control program module is used for remotely controlling the server side, the remote implantation program module is used for sneaking into the server side and obtaining the operation authority of the server side, the remote configuration program module is used for setting parameters of the remote control program, and the parameters comprise the port number of the remote control program module, triggering conditions and a remote control software name. According to the method for obtaining the remote data based on the remote control system, the effect of concealing oneself is achieved by using an virtual IP, the concealing effect is improved through the technologies such as connection bounce, port reuse and course injection, and the evidence obtaining efficiency of the public security organization is effectively improved. Meanwhile, data stored in the server side are automatically deleted after the data are obtained, only needed content is collected, and the harm range is small.

The invention provides a method for recovering deleted privacy data. The method comprises the steps of monitoring the deletion operation of a user and determining whether the deletion operation belongs to a restricted deletion operation in a data recovery on mode, if so, performing next step, otherwise, monitoring the deletion operation of the user, obtaining a restricted deletion operation object of the restricted deletion operation, performing a first pre-processing manner on the restricted deletion operation object to obtain a unique deletion index value of the restricted deletion operation object, determining whether the restricted deletion operation object needs to perform crushing deletion according to the requirements of a user, and if so, thoroughly grinding the restricted deletion operation object and continuing monitoring, otherwise, performing a second pre-processing manner on the restricted deletion operation object to recover the restricted deletion operation object to a corresponding original position. According to the method, the privacy data of the user are reconstructed, the analysis difficulty of the data is reduced, the evidence efficiency is effectively improved and smooth completion of the evidence collection work is guaranteed.

The invention discloses a screen lock password cracking method and evidence acquisition system for intelligent equipment based on a Mobex protocol. According to the scheme, the intelligent equipment with the built-in Mobex protocol is driven based on the Mobex protocol to execute a document deletion command; and a document which stores a gesture password in an intelligent terminal and an intelligent terminal document which stores a digital password are deleted. The scheme provided by the invention is characterized in that a screen lock password of the intelligent equipment with the built-in Mobex protocol is cracked rapidly based on the Mobex protocol; operations are simple, stable and reliable; evidence acquisition of the intelligent equipment can be achieved easily; and efficiency of the evidence acquisition of data in the intelligent equipment is greatly increased.

The invention discloses a device and method for showing a potential trace by means of far infrared rays to solve the problem that the potential trace on paper is hard to extract. The device comprises a main table, a far infrared treatment table, a laser power supply and pump and an evidence obtaining device, wherein an oblique table used for installation of the evidence obtaining device is arranged on the main table, the far infrared treatment table is arranged in the main table and used for conducting far infrared treatment on an object to be detected, perspiration matter permeating through the paper is crystallized into a trace in the small crystal particle mode from fiber intervals after the object to be detected is treated with far infrared rays, laser emitted by the laser power supply and pump irradiates the object to be detected treated with far infrared rays to enable the trace formed in the crystallized mode on the object to be detected to emit fluorescent light so that the potential trace can be shown, and the evidence obtaining device is used for taking a photo of the shown trace to extract the trace. According to the device and method, perspiration matter permeating through the paper can be shown in the small crystal particle mode from fiber intervals on the premise that the integrity of the permeable paper is kept, fluorescent light is emitted under the excitation of laser with a specific spectrum, the potential trace is shown on the paper without damage caused, and evidence obtaining quality is improved.

The invention discloses a cloud data online evidence obtaining system and method. According to the scheme, the system is composed of a cloud evidence obtaining analysis system, an evidence storage data cloud, an evidence calling interface and an evidence storage interface in a matched mode. The cloud forensic analysis system is used for acquiring a dynamic evidence obtaining analysis demand and calling cloud data required by evidence obtaining analysis from a corresponding cloud service provider through the evidence calling interface according to the evidence obtaining analysis demand; the evidence storage data cloud receives and stores the cloud data returned by the cloud service provider through the evidence storage interface; and the cloud evidence obtaining analysis system obtains thecloud data returned by the cloud service provider from the evidence storage data cloud and carries out evidence obtaining analysis on the cloud data to form data evidence. According to the scheme, byconstructing the cloud platform capable of carrying out online evidence obtaining, whole-course online evidence obtaining of the cloud data is achieved, the difficulty of cloud data evidence obtainingis greatly reduced, and the problems that data fixing is difficult, evidence extraction is difficult and event reappearing is difficult in the whole conventional cloud evidence obtaining process areeffectively solved.

The embodiment of the invention provides a real-time evidence obtaining method for an Android application. The method comprises the steps of obtaining the to-be-obtained evidence information during acurrent application, wherein the to-be-obtained evidence information comprises the to-be-obtained evidence object types and the to-be-obtained evidence content; identifying a target application according to the to-be-obtained evidence object types, constructing an evidence obtaining rule based on the to-be-obtained evidence object types and the to-be-obtained evidence content, retrieving the target application, receiving the retrieval information in real time, matching the retrieval information with the evidence obtaining rule, and obtaining the evidence if matching succeeds. The current application has the to-be-obtained evidence information, so that the target application can be determined directly according to the to-be-obtained evidence object types in the to-be-obtained evidence information, the pertinence is high, not only the retrieval information retrieved from the target application is received, but also the extraction of the to-be-obtained evidence information is completed. The verification of the to-be-obtained evidence information is completed by matching the retrieval information with the evidence obtaining rule, so that the evidence obtaining efficiency is improved. In addition, the online real-time evidence obtaining enables the service processing capacity of a system to be improved.

The invention belongs to the technical field of network security, in particular to a network forensics method and a network forensics device based on alarm aggregation. And the intrusion detection data of the key nodes of the network are obtained, and the intrusion detection data are used as the alarm evidence set of the forensic analysis of the network; The alarm evidence in the alarm evidence set is mapped to the attack graph, and the alarm evidence chain is obtained. Clustering the alarm evidence chain to construct the network intrusion scene and recover the network crime scene. The invention aims at the problems of missing report and false report existing in the network forensics by using the intrusion detection system, and can accurately and completely display the intrusion panorama of the attacker and improve the network forensics efficiency through the alarm evidence mapping, the evidence chain generation, the evidence chain clustering and the intrusion scene construction. Alarmdata related to intrusion scenes become important electronic evidence, which has strong practicability and operability, and provides reliable basis for collecting network data evidence, returning tothe crime scene and litigation cases.

The invention provides a camera used for reconnaissance as well as a reconnaissance system and relates to the technical field of reconnaissance equipment. The camera used for the reconnaissance and provided by the invention comprises an imaging device, a multiband light source and a light filtering device; the imaging device is used for receiving light rays and converting the light rays into an electrical signal; the multiband light source comprises multiple LED lamp beads which are arranged at intervals around the imaging device, and the multiple LED lamp beads can give out lights with multiple wavelengths; and the light filtering device is detachably connected with the imaging device and is used for filtering the light rays of the imaging device. By virtue of the camera used for the reconnaissance and provided by the invention, the technical problems that operation is complex in shooting and evidence collecting processes in the prior art and shooting recording can not be convenientlyperformed on a trace of a physical evidence are alleviated.

The invention provides a computer evidence obtaining method and device.The method comprises the steps that an evidence obtaining mirror image file is mounted to a target disk or a target partition of electronic equipment, and a mounted mirror image is obtained; the mounting mirror image is simulated into a virtual machine in the electronic equipment; and starting the virtual machine, and carrying out online evidence collection on the virtual machine. According to the computer evidence obtaining method, the original operation environment of the operation system in the evidence obtaining mirror image can be restored, the evidence obtaining process is visual and clear, online evidence obtaining of virus Trojan horse, malicious programs and other content can be achieved, and the evidence obtaining efficiency is improved.

The invention discloses a flexible soft physical evidence shooting device and a shooting method thereof, and relates to the physical evidence obtaining technology. The problem of the prior art of inconvenient evidence obtaining can be solved. The flexible soft physical evidence shooting device comprises a flattening device used for flattening a soft physical evidence; a light source device used for the development illumination of the flattened flexible soft physical evidence; and a physical evidence camera used for imaging evidence obtaining of the developed physical evidence. The flattening device comprises a bottom support; a fixing support fixedly disposed on the bottom support; a flattening support, which is disposed on the fixing support, and can be used for rotating and positioning. The flattening support is formed by detachably superposing a plurality of hollow wide edge square frames having different sizes by adopting the magnetic attraction, and a plurality of flattening frames can be formed. The flexible soft physical evidence can be disposed on the corresponding flattening frame according to the size, and the frames, which are smaller than the flexible soft physical evidence can be detached, and the periphery of the flexible soft physical evidence can be disposed between the frame magnetic stone and the inner frame magnetic strip of the flattening support in a clamped manner, and the physical evidence can be flattened by adopting the magnetic force. The form of the flattened flexible object can be fully displayed, and the evidence obtaining efficiency can be improved.

The invention discloses a video evidence obtaining method and system and a medium. The video evidence obtaining method comprises the steps of obtaining a target video; obtaining a motion residual corresponding to each picture frame in the target video according to a collusion operator; and inputting the motion residual error into the trained high-pass filtering full convolutional network to obtain an evidence obtaining result of the target video output by the high-pass filtering full convolutional network. According to the video evidence obtaining method and system, evidence obtaining can be well carried out on tampered videos, the evidence obtaining efficiency is high, the video evidence obtaining difficulty is effectively reduced, the primitiveness, integrity and authenticity of the videos can be effectively verified, and the practical value is good.