56results about How to "Improve forensics efficiency" patented technology

The invention discloses a Sobel edge detection and image block brightness feature-based blind image tampering forensic method. The method is characterized by comprising the following steps of: converting a to-be-detected suspicious image into a grayscale image; carrying out convolution processing on the grayscale image I (i, j); obtaining a gradient image G (i, j) of the image; carrying out threshold value segmentation on the G (i, j) to obtain the gradient image G (i, j); carrying out binary processing on the gradient image G (i, j) to obtain a binary image W (i, j); carrying 1 pixelation on the binary image; and judging the similarity of two sub-image sets. According to the method, blocking processing is carried out on image sets; through brightness mean value sorting, the forensic algorithm efficiency can be effectively improved; and through comparing the similar brightness values of image blocks, the correctness is further improved and the image forensic efficiency is further improved. According to the method, the problem that the tampered images cannot be correctly detected due to cloning and tampering behaviors of large-scale zooming is solved; and through normalized image block brightness values, the detection result of cloned images with different brightness values is further improved.

The invention discloses a traffic law violation dynamic identification method and system. The method includes the following steps that: images are acquired, and are cached for a predetermined duration; an identification target is determined from the images, and a target identification instruction is generated; the target identification instruction is issued to identify a target feature and/or target behavior; a target tracing instruction is issued to trace a past target behavior based on the cached images; and/or a target tracking instruction is issued to capture an image tracking-post targetbehavior. According to the method of the invention, road monitoring images are viewed in real time through an image acquisition device; vehicles conducting illegal behaviors are automatically trackedthrough the image acquisition device; evidences of the illegal behaviors of the vehicles can be automatically collected through the image acquisition device; and therefore, the complexity of traditional traffic law violation manual image capture and evidence collection can be simplified, the problem of the desynchrony of control signal responses and monitoring images can be fundamentally can be solved, and the efficiency of evidence collection can be improved.

One or more embodiments of the invention disclose an evidence obtaining method and device based on a block chain, and the method comprises the steps: obtaining a network evidence obtaining request ofa user, and obtaining evidence obtaining identification information according to the network forensics request; calling an intelligent contract deployed on a block chain, and controlling nodes in theblock chain to execute evidence obtaining operation according to the evidence obtaining identification information to obtain corresponding evidence obtaining data; and signing the evidence obtaining data, and sending the signed evidence obtaining data to the terminal of the user. According to one or more embodiments of the invention, automatic acquisition of evidence obtaining data is realized, the evidence obtaining time is greatly shortened, the evidence obtaining efficiency is improved, meanwhile, the manpower cost of evidence obtaining is reduced. In addition, the credibility of the network environment and the credibility of the evidence obtaining data are also ensured.

The invention discloses a multi-line evidence obtaining method and device based on a block chain, equipment and a storage medium, and belongs to the technical field of block chains. According to the embodiment of the invention, the evidence obtaining request for the target evidence obtaining address is responded to send an evidence obtaining instruction to at least two node devices, therefore, atleast two pieces of video data obtained by recording the content displayed by the target evidence obtaining address by the at least two pieces of node equipment are obtained; the at least two pieces of video data are stored in a local database of the current node equipment, the key information of the at least two pieces of video data is stored in a block chain; the node equipment in the blockchainsystem automatically records the video data and stores the key information to the blockchain, and a multi-line evidence obtaining mode is adopted instead of a client to obtain evidences, so that thelabor cost is reduced, the obtained evidence obtaining data cannot be tampered, the authenticity of the evidence obtaining data can be ensured, and the evidence obtaining efficiency is also improved.

The invention provides a certificate self-help distribution device. The certificate self-help distribution device comprises at least a control host as well as a certificate slot metal plate storage device, a certificate discharging device, a mechanical arm transfer device, a liquid crystal display module, a receipt printer, an identity card identification module, a photographing module which is used for photographing a certificate collector, a fingerprint identification module, a touch signature module and an RFID reading and writing module which is used for writing the information of a certificate into an RFID tag on the corresponding certificate, wherein the certificate slot metal plate storage device, the certificate discharging device, the mechanical arm transfer device, the liquid crystal display module, the receipt printer, the identity card identification module, the photographing module, the fingerprint identification module, the touch signature module and the RFID reading and writing module are in circuit connection with the control host. The certificate collector selects ''collect a certificate oneself '' or ''collect a certificate on behalf of others''; and the certificate collector can complete certificate collection through a process of identity card identification, certificate collector face photographing, fingerprint identification, signing, certificate discharging of a certificate outlet and receipt printing. According to the certificate self-help distribution device, the certificate is read and identified through the RFID tag, so that the certificate self-help distribution device can be applied to different types of certificates. With the certificate self-help distribution device adopted, the technique gap of self-help distribution of paper multi-page certificates in China can be filled.

The invention provides a mobile phone sound record equipment source identification method. Equipment source identification is performed through the frequency band energy difference characteristics. The frequency band energy difference characteristics can represent the average intensity degree of adjacent frequency band response of the equipment so that the mobile phone sound record equipment source can be identified by using the classifier technology.

The invention provides a car insurance claim evidence information collection device which comprises a radio frequency identification module, a camera forensic module, a location positioning module, a display module and a communication module. The radio frequency identification module, the camera forensic module, the location positioning module, the display module and the communication module communicate with a system control module and receive an instruction issued by the system control module. The radio frequency identification module is used to accurately read encrypted vehicle registration information stored in a vehicle electronic identifier on a vehicle. The camera forensic module is used to photograph pictures when car insurance claim evidence information is collected, and carry out image identification on the photographed vehicle pictures to identify a vehicle license plate number from the vehicle pictures. The location positioning module is used to record location latitude and longitude information and forensic time information when photographing is carried out. The communication module is used to automatically send the acquired car insurance claim evidence information to an insurance company or a traffic police department. The system control module is used to control the operation of the modules, record relevant information and display relevant results on the display module. According to the invention, the problems of malicious fraud and the like are solved.

The invention discloses a manufacturing method of a simulation fingerprint, and belongs to the technical field of fingerprint recognition. The method comprises the steps that fingerprint pictures provided through a public security system are preprocessed through the image processing technology, and preprocessed images including fingerprint information meeting preset conditions are obtained; a carving method or a 3D printing method is adopted, and a fingerprint mold is manufactured and formed based on the fingerprint information included by the preprocessed images; and the simulation fingerprint is manufactured and formed through the fingerprint mold. By means of the manufacturing method, fingerprint data of the public security organ can be applied to manufacturing the simulation fingerprint, and then the public security organ can conveniently unlock mobile phone screens of corresponding parties through the simulation fingerprint so as to achieve the aim of mobile phone forensics.

The invention discloses an evidence obtaining method and system based on image recognition, computer equipment and a storage medium. The evidence obtaining method comprises the steps that an image collection terminal judges whether a collected latest image is similar to a corresponding historical image or not according to a preset similarity judgment model, so as to obtain a similarity judgment result; if the similarity judgment result is negative, the latest image and the historical image are sent to the user terminal as target image information; a user terminal receives the target image information, and classifies the target image information according to a preset classification model to obtain type information; and an evidence file corresponding to the target image information is generated according to a preset evidence file generation rule and the type information. Based on the similarity matching technology, the evidence obtaining method can quickly and efficiently analyze massivehigh-definition images, can generate corresponding evidence obtaining materials based on the collected high-definition images, and can greatly improve the evidence obtaining efficiency based on the massive high-definition images.

The invention relates to the technical field of a law enforcement instrument and particularly relates to a voice control method and system for the law enforcement instrument. The system comprises a main control module, and a storage module, an identity identification module, a voice acquisition module and an execution module connected with the main control module, wherein the execution module is further connected with the storage module. The system is characterized in that a transmitter is added in the law enforcement instrument, after that the identity of an on-site user is correct is determined, when the voice identification technology is utilized to further confirm that the voice of the user matches the voice of a database, a voice control command of the on-site user is started to identify, before execution of the command, a voice confirmation command of the on-site user is searched, if the positive response is returned, the command is executed immediately. The system is advantagedin that in addition to key operation through hands, the law enforcement instrument is operated through voice, a user is more convenient to operate, evidence obtaining efficiency is improved, evidenceobtaining quality is guaranteed, and evidence obtaining experience is rich.

An embodiment of the invention provides a text-oriented digital forensic analysis method and a device and a computer readable medium. The method comprises the following steps of: preprocessing the text content of the text to be taken as evidence to obtain a plurality of main words; generating an LDA model based on the trained document theme to obtain feature words in the main words, obtaining a plurality of feature words, and determining feature word vectors based on a plurality of feature words; calculating a semantic similarity between the feature word vector and the preset sensitive word vector, and obtaining a semantic similarity maximum vector based on the semantic similarity; and determining whether the text to be taken as evidence is a forensic target based on the semantic similarity maximum vector. According to the text-oriented digital forensic analysis method and the device and the computer readable medium, the technical problems in the prior art of inefficiency and labor wastage is solved, which are caused by only manually browsing the text content to determine whether the text to be taken as evidence is a forensic target when taking evidence of the text content of the text to be taken as evidence , , thereby realizing the technical effect of saving labor costs and improving the forensic efficiency of the text content.

The invention provides a method for recovering deleted privacy data. The method comprises the steps of monitoring the deletion operation of a user and determining whether the deletion operation belongs to a restricted deletion operation in a data recovery on mode, if so, performing next step, otherwise, monitoring the deletion operation of the user, obtaining a restricted deletion operation object of the restricted deletion operation, performing a first pre-processing manner on the restricted deletion operation object to obtain a unique deletion index value of the restricted deletion operation object, determining whether the restricted deletion operation object needs to perform crushing deletion according to the requirements of a user, and if so, thoroughly grinding the restricted deletion operation object and continuing monitoring, otherwise, performing a second pre-processing manner on the restricted deletion operation object to recover the restricted deletion operation object to a corresponding original position. According to the method, the privacy data of the user are reconstructed, the analysis difficulty of the data is reduced, the evidence efficiency is effectively improved and smooth completion of the evidence collection work is guaranteed.

The invention discloses a screen lock password cracking method and evidence acquisition system for intelligent equipment based on a Mobex protocol. According to the scheme, the intelligent equipment with the built-in Mobex protocol is driven based on the Mobex protocol to execute a document deletion command; and a document which stores a gesture password in an intelligent terminal and an intelligent terminal document which stores a digital password are deleted. The scheme provided by the invention is characterized in that a screen lock password of the intelligent equipment with the built-in Mobex protocol is cracked rapidly based on the Mobex protocol; operations are simple, stable and reliable; evidence acquisition of the intelligent equipment can be achieved easily; and efficiency of the evidence acquisition of data in the intelligent equipment is greatly increased.

The invention discloses a device and method for showing a potential trace by means of far infrared rays to solve the problem that the potential trace on paper is hard to extract. The device comprises a main table, a far infrared treatment table, a laser power supply and pump and an evidence obtaining device, wherein an oblique table used for installation of the evidence obtaining device is arranged on the main table, the far infrared treatment table is arranged in the main table and used for conducting far infrared treatment on an object to be detected, perspiration matter permeating through the paper is crystallized into a trace in the small crystal particle mode from fiber intervals after the object to be detected is treated with far infrared rays, laser emitted by the laser power supply and pump irradiates the object to be detected treated with far infrared rays to enable the trace formed in the crystallized mode on the object to be detected to emit fluorescent light so that the potential trace can be shown, and the evidence obtaining device is used for taking a photo of the shown trace to extract the trace. According to the device and method, perspiration matter permeating through the paper can be shown in the small crystal particle mode from fiber intervals on the premise that the integrity of the permeable paper is kept, fluorescent light is emitted under the excitation of laser with a specific spectrum, the potential trace is shown on the paper without damage caused, and evidence obtaining quality is improved.

The invention discloses a cloud data online evidence obtaining system and method. According to the scheme, the system is composed of a cloud evidence obtaining analysis system, an evidence storage data cloud, an evidence calling interface and an evidence storage interface in a matched mode. The cloud forensic analysis system is used for acquiring a dynamic evidence obtaining analysis demand and calling cloud data required by evidence obtaining analysis from a corresponding cloud service provider through the evidence calling interface according to the evidence obtaining analysis demand; the evidence storage data cloud receives and stores the cloud data returned by the cloud service provider through the evidence storage interface; and the cloud evidence obtaining analysis system obtains thecloud data returned by the cloud service provider from the evidence storage data cloud and carries out evidence obtaining analysis on the cloud data to form data evidence. According to the scheme, byconstructing the cloud platform capable of carrying out online evidence obtaining, whole-course online evidence obtaining of the cloud data is achieved, the difficulty of cloud data evidence obtainingis greatly reduced, and the problems that data fixing is difficult, evidence extraction is difficult and event reappearing is difficult in the whole conventional cloud evidence obtaining process areeffectively solved.

The embodiment of the invention provides a real-time evidence obtaining method for an Android application. The method comprises the steps of obtaining the to-be-obtained evidence information during acurrent application, wherein the to-be-obtained evidence information comprises the to-be-obtained evidence object types and the to-be-obtained evidence content; identifying a target application according to the to-be-obtained evidence object types, constructing an evidence obtaining rule based on the to-be-obtained evidence object types and the to-be-obtained evidence content, retrieving the target application, receiving the retrieval information in real time, matching the retrieval information with the evidence obtaining rule, and obtaining the evidence if matching succeeds. The current application has the to-be-obtained evidence information, so that the target application can be determined directly according to the to-be-obtained evidence object types in the to-be-obtained evidence information, the pertinence is high, not only the retrieval information retrieved from the target application is received, but also the extraction of the to-be-obtained evidence information is completed. The verification of the to-be-obtained evidence information is completed by matching the retrieval information with the evidence obtaining rule, so that the evidence obtaining efficiency is improved. In addition, the online real-time evidence obtaining enables the service processing capacity of a system to be improved.

The invention belongs to the technical field of network security, in particular to a network forensics method and a network forensics device based on alarm aggregation. And the intrusion detection data of the key nodes of the network are obtained, and the intrusion detection data are used as the alarm evidence set of the forensic analysis of the network; The alarm evidence in the alarm evidence set is mapped to the attack graph, and the alarm evidence chain is obtained. Clustering the alarm evidence chain to construct the network intrusion scene and recover the network crime scene. The invention aims at the problems of missing report and false report existing in the network forensics by using the intrusion detection system, and can accurately and completely display the intrusion panorama of the attacker and improve the network forensics efficiency through the alarm evidence mapping, the evidence chain generation, the evidence chain clustering and the intrusion scene construction. Alarmdata related to intrusion scenes become important electronic evidence, which has strong practicability and operability, and provides reliable basis for collecting network data evidence, returning tothe crime scene and litigation cases.

The invention provides a camera used for reconnaissance as well as a reconnaissance system and relates to the technical field of reconnaissance equipment. The camera used for the reconnaissance and provided by the invention comprises an imaging device, a multiband light source and a light filtering device; the imaging device is used for receiving light rays and converting the light rays into an electrical signal; the multiband light source comprises multiple LED lamp beads which are arranged at intervals around the imaging device, and the multiple LED lamp beads can give out lights with multiple wavelengths; and the light filtering device is detachably connected with the imaging device and is used for filtering the light rays of the imaging device. By virtue of the camera used for the reconnaissance and provided by the invention, the technical problems that operation is complex in shooting and evidence collecting processes in the prior art and shooting recording can not be convenientlyperformed on a trace of a physical evidence are alleviated.

The invention provides a computer evidence obtaining method and device.The method comprises the steps that an evidence obtaining mirror image file is mounted to a target disk or a target partition of electronic equipment, and a mounted mirror image is obtained; the mounting mirror image is simulated into a virtual machine in the electronic equipment; and starting the virtual machine, and carrying out online evidence collection on the virtual machine. According to the computer evidence obtaining method, the original operation environment of the operation system in the evidence obtaining mirror image can be restored, the evidence obtaining process is visual and clear, online evidence obtaining of virus Trojan horse, malicious programs and other content can be achieved, and the evidence obtaining efficiency is improved.

The invention discloses a video evidence obtaining method and system and a medium. The video evidence obtaining method comprises the steps of obtaining a target video; obtaining a motion residual corresponding to each picture frame in the target video according to a collusion operator; and inputting the motion residual error into the trained high-pass filtering full convolutional network to obtain an evidence obtaining result of the target video output by the high-pass filtering full convolutional network. According to the video evidence obtaining method and system, evidence obtaining can be well carried out on tampered videos, the evidence obtaining efficiency is high, the video evidence obtaining difficulty is effectively reduced, the primitiveness, integrity and authenticity of the videos can be effectively verified, and the practical value is good.