The Research On Computer Forensics Evidence Analysis

The twenty-first century, the IT developes rapid, and the Internet industry is growing explosive. With the convenient ability to upgrade computer and network information processing and applications, scientific research, education, public utilities, political, military, economy, almost every area are beginning to rely on the Internet and computer applications. People’s lives have become increasingly dependent on the application of computers and the Internet, followed by illegal intruders use of computers and networks more and more harm to society. Computer and network technology continues to evolve at the same time, the use of computer crime and the means of computers and the Internet also continue to increase and improve its hazards and influence is growing. In the research process to deal with cyber threats measures, there have been some very good results, such as firewalls, DMZ technology fortress, honeypots, VPN, intrusion detection/defense system, Anti-DDoS systems, etc., but the purpose of the purpose of these technologies in defense, but could do nothing for the tracking and reconstruction of intrusion. Through the use of computer forensics analysis, tracking and reconstruction of the criminal process, you can effectively combat and curb computer crime.Computer Forensics include evidence acquisition, analysis of the evidence and the evidence submitted to the three processes, the analysis of the evidence is the reconstruction of the main steps of the criminal process is to ensure that the evidence presented to the court whether the legal and valid, authentic, probative force and can be the court accepted the key steps. Mass in the face of the evidence analysis, complex electronic data, data mining technology for analysis and effective way.This paper analyzes the application of data pre-processing technology, the use of Fuzzy C-Means clustering algorithm, particle swarm optimization algorithm and ant colony optimization algorithm to analyze the log data, while summing up the other models on the basis put forward a host and network integration forensics system model.