{"title":"台湾地区信息通信安全取证技术能力研究","authors":"I. Lin, Hong-Cheng Yang, Guo-Long Gu, A. C. Lin","doi":"10.1109/CCST.2003.1297591","DOIUrl":null,"url":null,"abstract":"There are constant occurrences of Internet security problems due to its rapid development. It is important to maintain Internet security system during and after the occurrences to collect evidence and forensics essences by various devices, such as hard disk, system log, firewall, IDS log, processes, as well as Internet connections. It would be even more beneficial to the forensic process if evidence could be established and kept well before such an incident happened. Most government organizations lack sufficient knowledge of security system techniques and they still believe that this technical part of the work belongs to the police. In fact, we cannot guarantee a perfect stage, but at least we can figure out what the problem is and trace where the attack is from, and that is the mission of computer forensics. Schools or institutes that are engaged in research and development of relative security system techniques are doing their own work; thus, capabilities of computer forensics have been dispersed. Therefore, in order to enhance the forensic skill of information and communication security and ability, what we really need is a complete plan so as to integrate the forensic skill of information and communication security and ability.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"A study of information and communication security forensic technology capability in Taiwan\",\"authors\":\"I. Lin, Hong-Cheng Yang, Guo-Long Gu, A. C. Lin\",\"doi\":\"10.1109/CCST.2003.1297591\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"There are constant occurrences of Internet security problems due to its rapid development. It is important to maintain Internet security system during and after the occurrences to collect evidence and forensics essences by various devices, such as hard disk, system log, firewall, IDS log, processes, as well as Internet connections. It would be even more beneficial to the forensic process if evidence could be established and kept well before such an incident happened. Most government organizations lack sufficient knowledge of security system techniques and they still believe that this technical part of the work belongs to the police. In fact, we cannot guarantee a perfect stage, but at least we can figure out what the problem is and trace where the attack is from, and that is the mission of computer forensics. Schools or institutes that are engaged in research and development of relative security system techniques are doing their own work; thus, capabilities of computer forensics have been dispersed. Therefore, in order to enhance the forensic skill of information and communication security and ability, what we really need is a complete plan so as to integrate the forensic skill of information and communication security and ability.\",\"PeriodicalId\":344868,\"journal\":{\"name\":\"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-10-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2003.1297591\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2003.1297591","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A study of information and communication security forensic technology capability in Taiwan
There are constant occurrences of Internet security problems due to its rapid development. It is important to maintain Internet security system during and after the occurrences to collect evidence and forensics essences by various devices, such as hard disk, system log, firewall, IDS log, processes, as well as Internet connections. It would be even more beneficial to the forensic process if evidence could be established and kept well before such an incident happened. Most government organizations lack sufficient knowledge of security system techniques and they still believe that this technical part of the work belongs to the police. In fact, we cannot guarantee a perfect stage, but at least we can figure out what the problem is and trace where the attack is from, and that is the mission of computer forensics. Schools or institutes that are engaged in research and development of relative security system techniques are doing their own work; thus, capabilities of computer forensics have been dispersed. Therefore, in order to enhance the forensic skill of information and communication security and ability, what we really need is a complete plan so as to integrate the forensic skill of information and communication security and ability.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
