| Traditional crime scene forensics relies mainly on people and traditional technology for obtaining evidence,while cybercrime cases evidence collection must rely on electronic data forensics technology.How to use forensics technology to extract valuable information from massive data as the case evidence with the rapid development of technologies such as cloud computing,artificial intelligence,machine learning,virtual reality.This issue has become a hot problem of research and discussion by forensic expert.As the computer technology of high-speed development,the detection of cybercrime cases has gradually become an important field in the public security industry.Cybercrime cases are influenced by multiple factors,as well as a wide variety of data,the current forensic techniques are limited to data extraction and analysis in specific regions.The innovation of internet technology has brought about the earth shaking changes,making the cybercrime case speeding up.Traditional forensic technology has been difficult to adapt to the needs of investigation of cybercrime cases,and it is urgent to develop new forensics technologies.From the angle of public security practice,research is still in its infancy.Therefore,the author attempts to carry out exploratory research on the problems of forensics in cybercrime cases,attempting to provide evidence and reference for the development of forensic techniques for cybercrime cases and professional network forensics platforms in the public security field in order to apply electronic data forensics technology of cybercrime cases in actual combat environments,so as to solve practical problems and improve the efficiency of detection cases.This paper focuses on the research of electronic data forensics techniques for cybercrime cases.The article is divided into six parts.The first part is the introduction part,mainly starting from the research background and significance of the topic,expounding the relevant contents of the electronic data forensics technology for cybercrime cases,and briefly introducing the research status at home and abroad.The second part is the summary of electronic data forensics,elaborates the theoretical basis of electronic data from the connection between electronic data and the principles of material exchange and transfer.Electronic data's sources have two terms which are physical storage and logical storage in computers and networks.Physical storage refers to storage in hardware in the form of magnetic,electrical,and optical.Logical storage refers to data stored in a certain coding format.Electronic data and traditional evidence In addition to having the basic characteristics of "objectivity","legitimateness" and "relevance",it also has the characteristics of virtuality,vulnerability,and concealment.At the end of this section,we recommend the concept of electronic data forensics and electronic data forensics.The third part is the origin and trend of cybercrime cases.Starting from the concept of cybercrime,it elaborates the characteristics of cybercrime.Cybercrime is intelligent,hidden,diverse,serious,common crimes,internal crimes may be With the characteristics of large-scale and complex,the development status and trends of cybercrime issues are summarized.The fourth part is the analysis of the network crime electronic data forensics analysis,mainly involves the related browser,email,chat application and web server forensics technology.Ultimately,the advantages and disadvantages of electronic data forensics technology for network crime are explained.The fifth part studies the electronic data forensics technology of cybercrime cases,using the most popular forensic development language Python to set up the development environment,designing forensic tools,experimental verification of the developed tools,and extracting the source IP address and destination IP address,and simulate web e-mails to get e-mails containing sensitive vocabulary.The sixth part is the concluding part of the article.We summarize the full text,and point out the shortcomings of this article. |
PDF Full Text Request