Netinfo Security (信息网络安全) ›› 2014, Vol. 14 ›› Issue (9): 184-188. doi: 10.3969/j.issn.1671-1122.2014.09.042

• Selected Papers •

Design of an Electronic Evidence Preservation and Forensic Analysis System for IaaS Cloud Service Infrastructure

吴羽翔, 李宁滨, 金鑫, 楼叶   

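  1. Chinese People's Public Security University, Beijing 102623
  • Received: 2014-08-06 Published: 2014-09-01
  • About the authors: WU Yu-xiang (born 1993), male, from Jiangxi, undergraduate, main research interest: information network security; LI Ning-bin (born 1993), male, from Guizhou, undergraduate, main research interest: information network security; JIN Xin (born 1992), male, from Gansu, undergraduate, main research interest: information network security; LOU Ye (born 1992), female, from Zhejiang, undergraduate, main research interest: information network security.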

Electronic Evidence and Forensic Analysis System Design of IaaS Cloud Service-oriented Infrastructure Preservation

WU Yu-xiang, LI Ning-bin, JIN Xin, LOU Ye   

  1. Chinese People's Public Security University, Beijing 102623, China
  • Received: 2014-08-06 Online: 2014-09-01

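Abstract: As cloud technology is widely adopted in computer networking, the need for security auditing and electronic forensics in cloud environments is becoming increasingly urgent. Cloud forensics differs substantially from traditional computer forensics in the forensic environment, in evidence acquisition and in evidence analysis, so effective electronic forensics methods and technical means for the cloud are still lacking, and the auditability of a cloud system, as an information system, cannot be guaranteed. This article designs a new cloud forensics system aimed at the infrastructure of IaaS cloud services. Collection terminals monitor the virtual machines in the cloud system and actively collect evidence, and the collected evidence is stored centrally in one place. The system's real-time forensics and centralized evidence preservation can effectively cope with the volatility of evidence and the difficulty of evidence extraction in cloud environments, achieving efficient forensics.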

Keywords: cloud forensics, IaaS cloud service, dynamic forensics, evidence preservation

Abstract: With cloud technology widely used in the field of computer networking, the need for security auditing and e-discovery in cloud environments is increasingly urgent. Because cloud forensics is quite different from traditional computer forensics in the forensic environment, in obtaining evidence and in evidence analysis, effective methods and techniques for cloud forensics are currently lacking, and the auditability of the cloud system, as an information system, cannot be guaranteed. This paper presents a new cloud forensics system for the infrastructure of IaaS cloud services: collection terminals monitor the virtual machines in the cloud system and actively collect evidence, and the evidence collected is stored centrally in one place. The system's real-time forensics and centralized evidence preservation can effectively deal with the volatile evidence and difficult evidence extraction that characterize cloud environments, achieving efficient forensics.

Key words: cloud forensics, IaaS cloud service, dynamic forensics, evidence preservation