Electronic data evidence obtaining method and system for computer

A technology for computers and electronic data, applied in the fields of information security and computer systems. It addresses problems such as restrictions on the operability of computer forensics technology, and achieves improved usability and reliability, easy implementation, and high reliability.

Inactive Publication Date: 2008-08-27
INST OF SOFTWARE - CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

These conditions greatly limit the practical operability of computer forensics technology, and a new forensics mechanism is urgently needed to strengthen forensic capability against intrusion attacks.



Examples


Embodiment Construction

[0032] Based on the 5 processes for implementing the forensics method, we decided to implement each process as a module of the forensics system. The forensic method and system of the present invention will be described in detail below with reference to the accompanying drawings.

[0033] As shown in Figure 2, this forensics system mainly includes five parts: the strategy generation module, the on-demand customization module, the real-time forensics module, the evidence base module, and the security protection module. The modules cooperate to meet the forensics system's design goals of real-time forensics, dynamic configuration, and security protection. Among them, the strategy generation module uses a data mining method to determine the evidence collection strategy of the current case. The on-demand customization module takes the current forensics strategy as input, generates the current forensic scope parameters, and dynamically updates the forensic scope of the real-time forensics modul...


Abstract

The invention relates to a method for obtaining electronic data evidence from a computer. It includes the following steps: strategy generation, which uses a multistage evidence collection strategy to create the evidence collection strategy for a new case according to demand; on-demand customization, which dynamically sets the forensic scope variables; real-time forensics, which records the corresponding evidence data while the system is running; evidence storage, which tests validity and stores the tested evidence files in the database; and security protection, which filters call requests to the forensics system and its corresponding data. The method can realize real-time forensics of electronic data.
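The data flow between the steps in the abstract, as an added sketch that is not code from the patent or its authors. The patent text on this page does not say how validity is tested or how call requests are filtered, so the HMAC seal, the caller allow-list, and every name below are assumptions; the strategy is a constructed dict rather than the output of the strategy generation step.

```python
import hashlib
import hmac
import json

SEAL_KEY = b"constructed-demo-key"  # assumption: held only by the forensic system

class RealTimeRecorder:
    """Records only events inside the current forensic scope (hypothetical)."""
    def __init__(self):
        self.scope = set()

    def customize(self, strategy):
        # On-demand customization: strategy -> scope parameters, swapped in
        # while the recorder keeps running.
        self.scope = set(strategy["event_types"])

    def record(self, event):
        if event["type"] not in self.scope:
            return None  # outside the forensic scope, nothing is recorded
        body = json.dumps(event, sort_keys=True).encode()
        seal = hmac.new(SEAL_KEY, body, hashlib.sha256).hexdigest()
        return {"body": body, "seal": seal}

class EvidenceBase:
    """Admits a record only after its seal verifies (assumed validity test)."""
    def __init__(self):
        self.records = []

    def store(self, record):
        expected = hmac.new(SEAL_KEY, record["body"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, record["seal"]):
            return False  # altered after capture: rejected
        self.records.append(record)
        return True

def guarded_call(caller, allowed_callers, action, *args):
    # Security protection: filter call requests to the forensic system.
    if caller not in allowed_callers:
        raise PermissionError(f"{caller} may not call the forensic system")
    return action(*args)

def demo():
    rec, base = RealTimeRecorder(), EvidenceBase()
    rec.customize({"event_types": ["exec"]})          # constructed strategy
    skipped = rec.record({"type": "open", "path": "/tmp/a"})
    rec.customize({"event_types": ["exec", "open"]})  # scope widened at run time
    good = rec.record({"type": "open", "path": "/tmp/a"})
    tampered = dict(good, body=good["body"].replace(b"/tmp/a", b"/tmp/b"))
    return skipped, base.store(good), base.store(tampered), len(base.records)
```
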

Description

Technical field

[0001] The invention relates to a technology of electronic data forensics for computer systems, in particular to a method and system for real-time forensics of computer systems, and belongs to the technical fields of information security and computer systems.

Background technique

[0002] In recent years, with the rapid development of the Internet, the number of network intrusion attacks is increasing year by year at an alarming rate. According to CERT/CC statistics [CERT2006], the number of intrusion events each year from 2001 to 2003 increased by more than 50% over the previous year, of which CERT handled 137,529 intrusion events in 2003 alone.

[0003] Computer security protection technology [Bishop2004] prevents intrusion from the perspective of access control. There are two types of access control policies: confidentiality policies and integrity policies. Confidentiality policy emphasizes the protection of confidentiality and is used to prevent unautho...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/00, G06F11/00, H04L29/06
Inventors: 王永吉, 周博文, 丁丽萍, 王青, 李明树
Owner: INST OF SOFTWARE - CHINESE ACAD OF SCI