Title :
DDCFS: A Distributed Dynamic Computer Forensic System Based on Network
Author :
Hu, Liang ; Tang, Kuo ; Shi, Guangkun ; Nurbol ; Zhao, Kuo
Author_Institution :
Dept. of Comput. Sci. & Technol., Jilin Univ., Changchun, China
Abstract :
With the increasing development of information technology, the computer crime problem is getting even serious. However traditional computer forensic that employs the static investigation after security events has inherent limitations. The authenticity, effectiveness and timeliness of the evidence are difficult to meet real needs. In order to solve the existing problems which static forensics technology has, this paper presents the design and implementation of DDCFS: a distributed dynamic computer forensics system based on network. Comparing with the traditional tools of the forensic system, it employs the work of gathering evidences of criminal actions before they occur or just they are ongoing, which avoid the evidence chain lose caused by traditional static forensic. It can improve the efficiency of the work of gathering evidences; enhance data integrity and timeliness of evidences. This paper describes the architecture, function and forensic procedure of DDCFS, and the implementation of the core module.
Keywords :
computer crime; data integrity; forensic science; DDCFS; computer crime; core module implementation; data integrity; distributed dynamic computer forensic system; Automation; Computer crime; Computer networks; Computer science; Computer security; Distributed computing; Forensics; Information technology; Intelligent networks; Physics computing; computer forensic; dynamic forensic; electronic evidence;
Conference_Titel :
Intelligent Computation Technology and Automation, 2009. ICICTA '09. Second International Conference on
Conference_Location :
Changsha, Hunan
Print_ISBN :
978-0-7695-3804-4
DOI :
10.1109/ICICTA.2009.729
