摘要: 计算机取证存在证据获取困难及日志处理量大的问题。为此,将云计算思想引入计算机取证中,提出一种云取证模型。该模型利用Agent技术获取证据,增强证据获取的自主性、智能性,利用云计算中的虚拟化技术和协作技术,提高取证效率及计算机证据的安全性,引入反馈技术,完善取证体制。实验结果验证了该模型的有效性。
关键词:
计算机取证,
云计算,
云取证模型,
智能体,
虚拟化技术
Abstract: There exist the problems of difficulties in evidence obtaining and numerous logs to be dealt with in computer forensics. Aiming at these problems, this paper introduces the cloud computing into computer forensics, proposes a Cloud Forensics Model(CFM). CFM obtains evidence by making use of Agent technology, which can increase autonomy and intelligence of evidence acquisition. It improves the forensics efficiency and the safety of computer evidence by using the virtualization technology and collaboration technology. It introduces the feedback technology, which can consummate the evidence collection system. Experimental results prove the validity of the model.
Key words:
computer forensics,
cloud computing,
Cloud Forensics Model(CFM),
Agent,
virtualization technology
中图分类号:
公伟, 刘培玉, 迟学芝, 贾娴. 云取证模型的构建与分析[J]. 计算机工程, 2012, 38(11): 14-16.
GONG Wei, LIU Pei-Yu, CHI Hua-Zhi, GU Xian. Construction and Analysis of Cloud Forensics Model[J]. Computer Engineering, 2012, 38(11): 14-16.