| With the increasing computer crime, questions on the theory and methods of computer forensics have been researched and several achievements have been obtained.First, the theory and methods of the computer forensics has been summarized. Asthe theory of Computer Forensics in China is still at the imperfections, and the practical application is not enough, this paper summarized international and domestic computer forensics firstly, including the concept, principles, steps and tools. The paper also introduces the computer anti-ForensicsSecond, a concept-Positive Computer Forensics is proposed. Positive Computer Forensics refers to the computer forensics activity during the attack or the preparation of the computer forensics. Positive Computer Forensics can make a alarm in the process of computer crime more than after the crime occurs. It refers to the preparations too.Third, concept of law and legal provisions related Computer Forensics have been summarized.Fourth, honeypot System has been researched as a technique of the Positive Computer Forensics. Honeypot is a network trap or decoy system. It can lure attackers and deceive them spend time resource attacking honeypot, protecting production resources from attack. Honeypot can monitor and track the attackers, collect information on them so that analyze the threats of systems, learn the tools, tactics, and motives of attackers. As honeypot has alarm functions and data capture functions, it is very suitable as a computer forensics system.Fifth, a solution of network real-name system is proposed. This paper discusses the state of network real-name system and analyzes the exiting techniques. As the exiting program can not protect users' privacy effectively and can not examine the users' true identity, a new solution is presented to ensures the authentication, protect the privacy, and overcome then exiting problems. |
PDF Full Text Request