本文已被:浏览 1872次 下载 5376次
Received:May 27, 2013 Revised:June 20, 2013
Received:May 27, 2013 Revised:June 20, 2013
中文摘要: 随着信息时代的来临,一些不法分子在实施犯罪之前往往会上网查询信息,他们所用的浏览器便成了司法机关取证的关键. 能否提取有效的犯罪线索或证据,取决于浏览器取证方法的好坏,本文介绍了目前主流的火狐浏览器、IE浏览器的取证技术,概述了IE缓存文件和基于SQLite数据库的火狐浏览器历史系统的日志文件结构,提出了信息恢复方法. 通过对已删除日志文件或缓存文件信息提取,来达到获取证据的目的,分析用户的行为.
Abstract:With the advent of the information age, some criminals always tend to query information from the Internet before they engaged in criminal activity. So the browser they used has become the key to the forensics of judicial authorities. Whether we can extract the effective evidence of crime depends on the forensics method of browser. This article introduces the forensics technology of Firefox and IE browser which are the current mainstream browsers, outlined the browser temporary file structure, such as the IE cache file and the SQLite database log files of the Firefox, proposed information recovery method. It can collect evidence and analyze the user's behavior by extract the information of the deleted log files or cache files.
文章编号: 中图分类号: 文献标志码:
基金项目:
| Author Name | Affiliation |
| TAO Zi-Yi | Shanxi University of Chinese Medicine, Xi'an 712046, China |
| BI Shan-Wei | Hitachi Elevator(China), Shanxi Branch, Xi'an 712046, China |
| Author Name | Affiliation |
| TAO Zi-Yi | Shanxi University of Chinese Medicine, Xi'an 712046, China |
| BI Shan-Wei | Hitachi Elevator(China), Shanxi Branch, Xi'an 712046, China |
引用文本:
陶姿邑,毕善为.浏览器取证技术.计算机系统应用,2014,23(5):8-15
TAO Zi-Yi,BI Shan-Wei.Overview of Browser Forensics Technology.COMPUTER SYSTEMS APPLICATIONS,2014,23(5):8-15
陶姿邑,毕善为.浏览器取证技术.计算机系统应用,2014,23(5):8-15
TAO Zi-Yi,BI Shan-Wei.Overview of Browser Forensics Technology.COMPUTER SYSTEMS APPLICATIONS,2014,23(5):8-15
