Computer Log Forensics And Association Analysis

Cyber crime is increasing with the rapid progress of computer networks and information technology. The cyber crime forensics is more and more concerned by the world because it is the issue that needs to be resolved urgently.Supported by the 10th 5-year plan Project 2001BA802B of the Ministry of Science and Technology, this dissertation did researches in the improvement and implementation of Computer Log Forensics System. With the help of team members and emphasized focus on forensics of computer and network equipments, the forensic workflow is improved, with Knowledge Base Management System and some other related tools designed and implemented.The main work finished by author is:1) Improve and optimize the architecture and workflow of Computer Log Forensic System basing on former research knowledge.2) Redesigned and re-implemented the Log Analysis subsystem of Computer Log Forensic System.3) Designed and implemented Knowledge Base Management System and Database Import Tool for Computer Log Forensic System.The author did laboratory testing and typical case testing on system prototype and the result was satisfying.