Computer Forensics And Data Mining Technology In Which The Applications

The computer is a significant invention for human society. People could enjoy the joy and convenience from computer technology development. However, the computer crimes have greatly obsessed their work and life. So we must get effective evidence to strike and defend the computer crimes. Taking evidence is the key to bring an effective lawsuit against computer crime. Computer Forensics is getting more and more attention. It is related with computer science and law areas, and is a cross study of powerful technology integrity. The Computer Forensics is based on law to extract crime information which has existed in computer system, and even get information from deleted, encoded files, and then store the evidence, and analyze the evidence, and provide them to police as competent evidence. The Computer Forensics system can be divided as dynamic forensics (real-time getting) and static forensics (getting afterwards, focusing on information in hardware equipment).Electromagnetic records occurring in computer system operation during Computer Forensics produecre, which can be used to prove case realities is called electronic evidence. Information from computer is mountainous. Therefore, how to do effective analysis to the information and extract electronic evidence related with cases and reflecting objective realities is hotspot evidence. Data mining is to extract mined, unknown forwards but potentially useful information and knowledge from large amount, noise, vague and stochastic data. We can use data mining technology into the data analysis of Computer Forensics, intergrating case particularity to analyze the large amount of information so as to extract useful evidence related with cases closely.The paper for the first time generally talks about basic knowledge of the Computer Forensics. Along with more study, the paper carries out static evidence forensics techonology with Window and Linux operation system. And the paper also introduces related information with computer dynamic forensics system, which combines with the IDS technology and honeypot technology. Then it refers to the application of association rule mining of data mining into data analysis of Computer Forensics.The paper introduce the detailed association rule mining process about data analysis, which includes the data preprocessing and the association rule finding. The paper can use the Apriori arithmetic to analyse the user's behaviors, log, and documents and find the association rule.