摘要
计算机犯罪取证主要围绕证据的获取和证据的分析。主要过程包括保护和勘查现场、获取物理数据、分析数据、追踪源头、提交结果等。计算机反取证就是删除或者隐藏入侵证据,使取证工作无效。反取证技术主要有数据擦除、数据隐藏等,数据擦除是最有效的反取证方法。从取证与反取证两方面分析计算机犯罪的特征,研究反取证技术的根源,可有效地保护国家信息网络安全,打击犯罪。
Computer crime forensics is mainly on the testimony gain and analysis. Its process consists of spot protection and investigation, physical data gain, data analysis, tracing origin, putting in result. Computer anti- forensics makes the forensics ineffectively through deletion or hiding. Thereinto data deletion is a most effective way. Analyzing computer crime through forensics and anti-forensics, we should find out the origin of anti-forensics to protect national information network security and beat crime.
出处
《吉林公安高等专科学校学报》
2007年第2期13-15,共3页
Journal of Jilin Public Secunity Academy
关键词
计算机犯罪
取证
反取证
数据擦除
国家信息
网络安全
computer crime, forensics, anti-forensics, data deletion, national information, network security
