Computer evidence obtaining method and device

A technology of computer forensics and computer programs, which is applied in the computer field, can solve the problems that the forensics process is not intuitive enough and unsatisfactory, and achieve the effect of intuitive and clear evidence collection process and improve the efficiency of forensics

Pending Publication Date: 2022-04-29
奇安盘古(上海)信息技术有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, related technologies cannot meet the needs of online forensics such as viruses, Trojan horses, and malicious programs, and the forensics process is not intuitive enough.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Computer evidence obtaining method and device
  • Computer evidence obtaining method and device
  • Computer evidence obtaining method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] In order to make the purpose, technical solutions and advantages of the present invention clearer, the technical solutions in the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the present invention. Obviously, the described embodiments are part of the embodiments of the present invention , but not all examples. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0040] The computer forensics method provided by the present invention will be described in detail below through some embodiments and application scenarios with reference to the accompanying drawings.

[0041] The present invention provides a computer forensics method, the computer forensics method can be applied in the electronic forensics scene, by mounting the forensic image file to the ta...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a computer evidence obtaining method and device.The method comprises the steps that an evidence obtaining mirror image file is mounted to a target disk or a target partition of electronic equipment, and a mounted mirror image is obtained; the mounting mirror image is simulated into a virtual machine in the electronic equipment; and starting the virtual machine, and carrying out online evidence collection on the virtual machine. According to the computer evidence obtaining method, the original operation environment of the operation system in the evidence obtaining mirror image can be restored, the evidence obtaining process is visual and clear, online evidence obtaining of virus Trojan horse, malicious programs and other content can be achieved, and the evidence obtaining efficiency is improved.

Description

technical field [0001] The present invention relates to the field of computer technology, in particular to a computer evidence collection method and device. Background technique [0002] With the increasing number of computer crime cases and the digitalization of crime methods, the work of collecting electronic evidence has become the key to providing important clues and solving cases. The process of recovering damaged computer data and providing relevant electronic evidence is called electronic forensics. [0003] Specifically, electronic forensics refers to the process of obtaining, storing, analyzing and presenting evidence for criminal acts such as computer intrusion, destruction, fraud, and attack by using computer software and hardware technology in a legally compliant manner. From a technical point of view, computer crime forensics is a process of scanning and cracking the compromised computer system and reconstructing the intrusion event. In the field of electronic...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56G06F9/455
CPCG06F21/566G06F9/45508
Inventor 吕雪松郑文鑫闫鹏飞刘亮
Owner 奇安盘古(上海)信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap