| Computer crime activities have been gradually increased by the rapid development of computer network. The development of computer forensics technology has attracted more and more attention. In order to meet the needs of different forensic scenes, the industry needs feature-rich and practical forensic tools. Based on huge users of windows operate system, we do research on forensics system of unrevealed information based on Windows OS environment. The research has both strong theoretical and practical values.In this paper, we do research on computer forensics technology and fields of data mining classification techniques. This paper proposed a model of forensics system integrating electronic evidence collection, electronic evidence classification and electronic evidence display together.Firstly, this paper deeply analyzes on mainstream browser kernel mechanism, does research on browser trace extraction technology from the perspective of computer forensics, and extracts large number of effective Web electronic document information. This paper also focuses on the e-mail forensics, mail system composition and mail encoding format and identifies the authenticity of mail header information from the perspective of e-mail forensics.For the great amount of data of electronic evidence and chaotic characteristics, this paper also does research on the text categorization model based on naive Bayesian algorithm taking Web text categorization and message classification experiment as example, and designs for fusion classification of forensics model. Through the simulation comparison of multi-learner and single learner performance, it blends in with higher classification performance of ensemble learning classification thought. The system is combined with traditional electronic evidence extraction technology and data mining technology and it can effectively classify the chaotic mass of electronic evidence. It greatly improves the forensics precision and efficiency. |
PDF Full Text Request