摘 要: 首先介绍了智能设备进行易失性数据取证的重要性,并说明了其难点在于对易失性数据的获取上,其后介 绍了几种易失性数据获取的方法。但是每种方法都有缺陷,因此提出了一种基于备份的易失性数据获取方法,没有使用 环境的要求,也不会污染其他进程的易失性数据,对不同操作系统的支持也比较好,使得取证人员能够很方便获取重要 的证据数据。 |
关键词: 智能设备;易失性数据;取证;基于备份 |
中图分类号: TP309
文献标识码: A
|
|
A Method for Obtaining Mobile Phone Lost Data Based on Backup |
CAO Fei,HU Tao1,2
|
1.( 1.College of Computer Science, Chongqing University, Chongqing 400044, China;2. 2.Chongqing Chengtou Road and Bridge Administration Co., Ltd., Chongqing 400044, China)
|
Abstract: In this paper,we introduces the importance to carried out volatile data from smart devices and explains their difficulty lies in obtaining data on the volatile.Thereafter describes several methods to capture the volatile data.But all methods have different drawbacks,so we proposed a method based on backup of volatile data acquisition,which does not have environmental requirements,also will not contaminate other processes of volatile data,supports for different operating systems is relatively good,so that people can easily obtain evidence important evidence data. |
Keywords: smart devices;volatile data;live forensics;backup |