Chinese Culture University Institutional Repository (CCUR): Item 987654321/44087


    Please use this permanent URL to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/44087


    Title: 數位鑑識工具日誌之關聯分析研究
    Research on Correlation Analysis of Logs from Digital Forensics Tools
    Author: 王柏凱 (WANG, PO-KAI)
    Contributor: Department of Information Management
    Keywords: digital forensics
    incident investigation tools
    information security
    Date: 2018
    Upload time: 2019-05-10 13:46:37 (UTC+8)
    Abstract: Digital forensics is the investigation of computer crime, searching for traces in order to track down the perpetrators. Digital forensics has many phases. Its difficulty lies in the fact that examiners must use different forensic tools for different purposes, so a single investigation often requires running many tools, each with tedious execution steps. While running these tools, the examiner usually has to interpret the result log that each tool produces as the basis for the next step. Existing tools, however, lack integration, and their output is hard to understand.

    In the face of increasingly complex attacks, the demand for digital forensics among businesses and organizations is growing. Digital forensics requires expert experience and a great deal of time, so collecting log files and analyzing suspicious computers quickly and correctly is the challenge it faces. This study collects data on the victim's computer from several perspectives and with several tools. The system analyzes feasible systems along five dimensions: abnormal network connections, abnormal browsing records, abnormal system changes, abnormal file checking, and abnormal program checking. Finally, this study provides an integrated forensic tool, the digital-forensic-system, a digital forensics expert system that analyzes the victim's computer with the aim of carrying out digital forensic work quickly and correctly.

    Key Words: digital forensics, incident investigation tools, information security
    Appears in Collections: [Department of Information Management & Graduate Institute of Information Management] Thesis

    Files in this item:

    File        Description  Size  Format  Views
    index.html               0Kb   HTML    138


    All items in CCUR are protected by original copyright.

