【摘要】：信息技術(shù)的發(fā)展使得電子數(shù)據(jù)深入到人們生活的各個(gè)角落,也帶來(lái)了日益猖獗的以電子設(shè)備為手段和介質(zhì)的犯罪活動(dòng),針對(duì)這類活動(dòng)的電子取證應(yīng)運(yùn)而生。然而我國(guó)法律沒(méi)有對(duì)電子證據(jù)的明確定位,且電子證據(jù)又具有脆弱性、抽象性以及多樣性的特征,給多介質(zhì)環(huán)境下的電子取證方法帶來(lái)新的問(wèn)題。 本文以電子取證的法律環(huán)境為基礎(chǔ),對(duì)電子取證的過(guò)程模型以及取證技術(shù)和工具現(xiàn)狀進(jìn)行分析,研究多介質(zhì)環(huán)境下的電子取證工作的關(guān)鍵問(wèn)題,提出相應(yīng)的解決方案,設(shè)計(jì)了一種支持多介質(zhì)的電子取證方法,實(shí)現(xiàn)了電子取證平臺(tái)原型,并通過(guò)一系列實(shí)驗(yàn)進(jìn)行了驗(yàn)證。 本文首先對(duì)電子證據(jù)的法律定位和電子取證的過(guò)程模型以及技術(shù)工具的現(xiàn)狀進(jìn)行分析,研究并提出了多介質(zhì)環(huán)境下的電子取證的兩個(gè)關(guān)鍵問(wèn)題的解決方案:1)電子證據(jù)的不同介質(zhì)統(tǒng)一格式。通過(guò)對(duì)DEB格式的改進(jìn),保持公開(kāi)和多介質(zhì)包容特性,并加入電子簽名和多級(jí)別流轉(zhuǎn)的支持,讓多介質(zhì)的電子證據(jù)的存儲(chǔ)包裝更加統(tǒng)一和易用。2)電子取證的可信性保證方法。通過(guò)包含流轉(zhuǎn)元數(shù)據(jù)的電子簽名鏈的設(shè)計(jì),讓可信性保證方法達(dá)到了完整性、可校驗(yàn)性和時(shí)序性的要求,為取證過(guò)程中電子證據(jù)的完整性和取證結(jié)果的可信性提供保證。 在此基礎(chǔ)上,本文提出了一個(gè)支持多介質(zhì)的電子取證方法,支持多介質(zhì)環(huán)境下的證據(jù)搜集、證據(jù)保全、證據(jù)分析和證據(jù)展現(xiàn)。本文對(duì)方法中的關(guān)鍵活動(dòng)以及電子證據(jù)的存儲(chǔ)進(jìn)行了詳細(xì)設(shè)計(jì)。然后,基于該方法,本文采用UML技術(shù)完成了電子取證平臺(tái)的需求分析和架構(gòu)設(shè)計(jì),并采用Java、OpenSSL、hibernate以及MySQL數(shù)據(jù)庫(kù)等技術(shù)完成了平臺(tái)的實(shí)現(xiàn)。最后,針對(duì)電子取證的關(guān)鍵活動(dòng),本文對(duì)平臺(tái)進(jìn)行了一系列實(shí)驗(yàn)。實(shí)驗(yàn)證明,平臺(tái)能在完成電子取證流程的基礎(chǔ)上,對(duì)多介質(zhì)來(lái)源的電子證據(jù)提供有效的支持,并為電子取證過(guò)程提供可信性保證。
[Abstract]:With the development of information technology, electronic data goes deep into every corner of people's life, and it also brings about increasingly rampant criminal activities with electronic devices as means and media. Electronic forensics against such activities emerges as the times require. However, there is no clear orientation of electronic evidence in Chinese law, and electronic evidence has the characteristics of fragility, abstraction and diversity, which brings new problems to the electronic forensics method in multi-medium environment. Based on the legal environment of electronic forensics, this paper analyzes the process model, techniques and tools of electronic forensics, studies the key problems of electronic forensics in multi-medium environment, and puts forward corresponding solutions. An electronic forensics method supporting multi-media is designed, and the prototype of electronic forensics platform is implemented, which is verified by a series of experiments. This paper first analyzes the legal orientation of electronic evidence, the process model of electronic forensics and the present situation of technical tools. This paper studies and proposes two key solutions for electronic forensics in multi-media environment: 1) the unified format of electronic evidence in different media. By improving the DEB format, maintaining the characteristics of openness and multi-media inclusiveness, and adding the support of electronic signature and multi-level flow, the storage packaging of electronic evidence in multi-media is more uniform and easy-to-use. 2) the credibility of electronic forensics is guaranteed. Through the design of the electronic signature chain which contains the flow metadata, the credibility assurance method can meet the requirements of integrity, verifiability and timing, which can guarantee the integrity of the electronic evidence and the credibility of the evidence results in the process of obtaining evidence. On this basis, this paper proposes an electronic forensics method that supports multi-media, supporting evidence collection, evidence preservation, evidence analysis and evidence presentation in multi-media environment. In this paper, the key activities of the method and the storage of electronic evidence are designed in detail. Then, based on this method, this paper uses UML technology to complete the requirements analysis and architecture design of the electronic forensics platform, and uses Java,OpenSSL,hibernate and MySQL database technology to complete the implementation of the platform. Finally, aiming at the key activities of electronic forensics, this paper carries out a series of experiments on the platform. Experimental results show that the platform can provide effective support for electronic evidence from multiple media sources on the basis of completing the process of electronic forensics and provide credibility assurance for the process of electronic forensics.
【學(xué)位授予單位】：上海交通大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2012
【分類號(hào)】：TP311.52;D918.2

【引證文獻(xiàn)】

相關(guān)期刊論文 前1條

1 隆波;周道明;麥永浩;;專業(yè)電子設(shè)備取證技術(shù)研究[J];信息網(wǎng)絡(luò)安全;2013年08期

，

本文編號(hào)：2299685