可信互联网取证:网络取证设备的设计

Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005. Pub Date : 2005-09-05 DOI:10.1109/SECCMW.2005.1588292

D. Bruschi, M. Monga, E. Rosti

{"title":"可信互联网取证:网络取证设备的设计","authors":"D. Bruschi, M. Monga, E. Rosti","doi":"10.1109/SECCMW.2005.1588292","DOIUrl":null,"url":null,"abstract":"With the spreading of cyber-crime, computer forensics has emerged as a new discipline in the system security arena. Some work is being done towards the definition of methodologies for the collection of digital evidences from storage devices that can withstand legal analysis in court. On the contrary, the collection of network evidences that allows for a selection of the traffic and guarantees legal admissibility is still an open field. In this paper we present the architecture of TIF, trusted Internet forensics, a network appliance that collects data from the network for forensics purposes. Such an appliance relies on a trusted computing platform in order to allow for the verification of the computational chain so that the data collected could be used as evidence in court.","PeriodicalId":382662,"journal":{"name":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Trusted Internet forensics: design of a network forensics appliance\",\"authors\":\"D. Bruschi, M. Monga, E. Rosti\",\"doi\":\"10.1109/SECCMW.2005.1588292\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the spreading of cyber-crime, computer forensics has emerged as a new discipline in the system security arena. Some work is being done towards the definition of methodologies for the collection of digital evidences from storage devices that can withstand legal analysis in court. On the contrary, the collection of network evidences that allows for a selection of the traffic and guarantees legal admissibility is still an open field. In this paper we present the architecture of TIF, trusted Internet forensics, a network appliance that collects data from the network for forensics purposes. Such an appliance relies on a trusted computing platform in order to allow for the verification of the computational chain so that the data collected could be used as evidence in court.\",\"PeriodicalId\":382662,\"journal\":{\"name\":\"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-09-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SECCMW.2005.1588292\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECCMW.2005.1588292","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

摘要

随着网络犯罪的蔓延，计算机取证作为系统安全领域的一门新兴学科应运而生。目前正在进行一些工作，以确定从存储设备中收集数字证据的方法，以便经得起法庭的法律分析。而对于网络证据的收集，既要对流量进行选择，又要保证法律上的可采性，仍然是一个开放的领域。在本文中，我们介绍了TIF(可信Internet取证)的体系结构，它是一种从网络收集数据用于取证目的的网络设备。这种设备依赖于一个可信的计算平台，以便允许对计算链进行验证，以便收集的数据可以用作法庭上的证据。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Trusted Internet forensics: design of a network forensics appliance

With the spreading of cyber-crime, computer forensics has emerged as a new discipline in the system security arena. Some work is being done towards the definition of methodologies for the collection of digital evidences from storage devices that can withstand legal analysis in court. On the contrary, the collection of network evidences that allows for a selection of the traffic and guarantees legal admissibility is still an open field. In this paper we present the architecture of TIF, trusted Internet forensics, a network appliance that collects data from the network for forensics purposes. Such an appliance relies on a trusted computing platform in order to allow for the verification of the computational chain so that the data collected could be used as evidence in court.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005.

自引率

0.00%

发文量