跳到主要內容

臺灣博碩士論文加值系統

(54.224.133.198) 您好!臺灣時間:2022/01/29 22:26
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:楊文超
研究生(外文):Wen-Chao Yang
論文名稱:不信任區域網路中數位證據保留之研究
論文名稱(外文):The Research of Keeping Digital Evidence in Untrusted Local Area Network
指導教授:林熙禎林熙禎引用關係陳奕明陳奕明引用關係
指導教授(外文):Shi-Jen LinYi-Ming Chen
學位類別:碩士
校院名稱:國立中央大學
系所名稱:資訊管理研究所
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2002
畢業學年度:90
語文別:中文
論文頁數:76
中文關鍵詞:數位證據容錯性資訊安全電腦犯罪資訊分散演算法網路模擬
外文關鍵詞:Network SimulationInformation Dispersal AlgorithmComputer CrimeInformation SecurityDigital EvidenceFault Tolerance
相關次數:
  • 被引用被引用:10
  • 點閱點閱:339
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:2

電腦犯罪與資訊安全事件發生件數的成長,使得企業或電腦使用者不得不正視此一問題。但常因為證據資料的刪除,而無法發現事件的發生;另外,就目前的電腦鑑識研究而言,雖然可以處理大多電腦犯罪事件,但是,對於技術高深的入侵者而言,要刪除證據資料且無法回復並非不可能做到。
本文之『不信任區域網路』,乃相對於Bruce Schneier所提出之網路上具有可信任之主機而言,故本研究之前提乃視所有於區域上之主機皆不可信,傳遞之資料皆須進行保護。
利用簡單的「公開加密機制」與具機密性和完整性的「分散式容錯機制」,建立具完整性、鑑別性、可用性及彈性的數位證據保留架構,有效地將可證明不法事件事實的數位資料,轉換成具(n╱m)容錯比例與企業內部亦無從竄改之數位證據。
並於上述架構中加入檢查機制,將原須約檢查[n/2]次(假設共有n筆資料)方可找出資料關鍵處的檢查方法,有效的減為約檢查[(2+n)/8]+2次,便可達到。
此架構的建置可同時確保公司內、外部犯罪證據之安全性,並經網路模擬器實驗模擬,該架構可於區域網路上建置,不至於造成網路癱瘓。


By the rate of the information secirty events and computer crimes happened increasing, the business and computer users must face up to the problem. Because the high volatility of digital evidence, the illegal user do not usually cover up the happened event but also hide the actions what they do.
The research focuses on how to storage the digital evidence and keep the admissibility and weight of the digital evidence at the same time. The word “untrusted LAN” is oppsited to the Bruce Schneier’s “Trusted Machine”, means no trusted machines in the LAN, therefore any evidence that will be storaged must be protected or it will be broken.
After studying the Secure Log, Cryptography, and Fault Tolerance domains, we provide a solution, “ The framework of Keeping Digital Evidence”. The flexible framework can transfer important data about the illegal event to the digital enidence that cannot be modify and has n/m fault tolerance rate. Then we design a checking function, it can decrease the mean of check times from [n/2] to [(2+n)/8]+2.Finally we use the Network Simulator 2 program to simulate our framework in LAN, to valid the framework can implement in LAN without crashing the network traffic.


第一章緒論1
1.1研究背景與動機1
1.2研究目的3
1.3研究假設與限制4
1.4預期貢獻5
1.5研究架構5
1.6章節簡介8
第二章文獻探討9
2.1數位證據與電腦鑑識(Digital Evidence and Computer Forensics)9
2.2密碼學(Cryptography)11
2.3安全稽核(Secure Audit)26
2.4容錯(Fault Tolerance)27
第三章數位證據保留架構33
3.1數位證據保留架構35
3.2產生階段38
3.3還原階段40
3.4檢查階段46
第四章網路模擬54
4.1NS2簡介54
4.2網路模擬實驗55
第五章結論與建議65
5.1研究發現65
5.2研究貢獻65
5.3研究限制66
5.4未來研究方向66
參考文獻68
網頁資料68
中文文獻69
英文文獻70
附錄A 資訊分散演算法(IDA)74


網頁資料1.政府憑證管理中心網站, http://www.pki.gov.tw, Date 2002/05/24.2.America Computer Industry Almanac. Data from http://japanonline.hypermart.net/new_page_239.htm, Date 2002/05/24.3.Computer Emergency Response Team (CERT), http://www.cert.org/stats/cert_stats.html, Date 2002/05/24.4.Dai, Wei’s Home Page, Speed Comparison of Popular Crypto Algorithms, http://www.eskimo.com/~weidai/benchmarks.html, Date 2002/05/24. 5.Federal Rules of Evidence 803, Hearsay Exceptions; Availability of Declarant Immaterial, Data from http://www.courtrules.org/r803hear.htm, Date 2002/05/246.Federal Rules of Evidence 902, Self-authentication, Data from http://www.courtrules.org/r902self.htm, Date 2002/05/24.7.Kerr, Orin S., Computer Crime and Intellectual Property Section(CCIPS) Search and Seizing Computer and Obtaining Electronic Evidence in Criminal Investigations, January 2001, Data from http://www.cybercrime.gov/searchmanual.htm, Date 2002/05/24.8.Network Simulator Version 2. http://www.isi.edu/nsnam/ns/, Date 2002/05/24.9.Research using Network Simulator. http://www.isi.edu/nsnam/ns/ns-research.html, Date 2002/05/24. 中文文獻10.林煒翔,電腦犯罪模式分析,民國八十七年,中央警察大學警政研究所碩士論文。11.黃世昆,防止攻擊跳板主機之安全管理策略,中央大學演講,民國九十年十月十八日。12.黃東熊,證據法綱要,民國八十三年,中央警察大學印行。13.蔡文輝,社會學,民國八十九年,台北市:三民書局。14.鍾慶豐編著,近代網路安全與編碼機制原理、實作,民國九十一年,台北市:儒林圖書有限公司。 英文文獻15.Bates, Jim, “Fundamentals of Computer Forensics,” Information Security Technical Report, Vol. 3, No. 4, 1998, p. 75-78.16.Bates, Jim, “Computer Evidence — Recent Issues,” Information Security Technical Report, Vol. 5, No. 2, 2000, p. 15-22.17.Berkeley NS research group, USC/ISI and Xerox PARC, The NS Manual, 2001.18.Bestavros, Azer, “An Adaptive Information Dispersal Algorithm for Time-critical Reliable Communication.” In Ivan Frisch, Manu Malek, and Shivendra Panwar,” Editors, Network Management and Control. Vol. II, Chapter 6, Plenum Publishing Corporation, New York, 1994, p. 423-438.19.Bigler, Mark, “Computer Forensics Gear,“ Internal Auditor, 2001.20.Casey, Eoghan: Digital Evidence and Computer Crime. Academic Press, 2000.21.Chen, Peter M., Edward K. Lee, Garth A. Gibson, Randy H. Katz, David A. Patterson, “RAID: High-Performance, Reliable Secondary Storage,” ACM Computing Surveys, Vol. 26, No. 2, June 1994, p. 145-185.22.Civie, Victor, and Richard Civie, “Future Technologies from Trends in Computer Forensic Science,” Information Technology Conference IEEE, 1998. 23.Davis, Bryan j., “Computer Intrusion Investigation Guidelines,” FBI Law Enforcement Bulletin, January 2001, p. 8-11.24.Federal Information Processing Standards, “DATA ENCRYPTION STANDARD (DES),” FIPS PUB 46-3, 1977.25.Federal Information Processing Standards, “SECURE HASH STANDARD (SHA),” FIPS PUB 180-1, 1993.26.Goan, Terrance, ”A Cop on the Beat: Collecting and Appraising Intrusion Evidence,” Communications of the ACM, Vol. 42, No. 7, 1999, p. 46-52.27.Hafner, Katherine & John Markoff: Cyberpunk. New York: Simon & Schuster, 1991.28.Icove, David, Karl Seger & William VonStorch: Computer Crime. O’Reilly & Associates, Inc., 1995.29.Iyengar, Arun, Robert Cahn, Juan Garay, and Charanjit Jutla, “Design and Implementation of a Secure Distributed Data Repository,” In Proceedings of the 14th IFIP International Information Security Conference (SEC '98), Vienna, Austria and Budapest, Hungary, September 1998.30.Kelsey, John, Bruce Schneier, and Chris Hall, “An Authenticated Camera,” Computer Security Applications Conference, 1996, p. 24-3031.Kruse, II Warren G. and Jay G. Heiser: Computer Forensics., Addison-Wesley, 2001.32.Kurtz, George, Stuart McClure and Joel Scambray: Hacking Exposed: Network Security Secrets & Solutions. 1999, McGraw-Hill, Inc.33.Krawczyk, Hugo, “Distributed fingerprints and secure information dispersal,” In Proceedings of the 12th ACM Symposium on Principles of Distributed Computing, 1993, p. 207-218.34.Lai, Xuejia and James L. Massey, “A Proposal for a New Block Encryption Standard,” Proceedings of EUROCRYPT’90, Springer-Verlag, 1991, p. 389-404.35.Mansfield, Richard: Hacker Attack! , CA: SYBEX Inc., 2000.36.Mirsky, L.: An Introduction to Linear Algebra. Dover, New York, 1963.37.Nakayama, Marvin K., Bülent Yener, “Optimal Information Dispersal for Probabilistic Latency Targets,” Computer Networks, Vol. 36, Issue 5-6, August 2001, p. 695-707.38.Patterson, David A., Garth Gibson, and Randy H. Katz, “A case for Redundant Arrays of Inexpensive Disks (RAID),” In Proceedings of ACM SIGMOD International Conference on Management of Data, June 1988, p. 109-116.39.Patzakis, John M., “Electronic Evidence Discovery: From High-End Litigation Tactic to Standard Practice,” Federal Discovery News, Vol. 6, No. 10, September, 2000, p. 3-4.40.Pfleeger, Charles P.: Security in Computing. Second Edition, NJ: Simon & Schuster, 1997.41.Phillips, B.J. and N. Burgess, “Implementing 1,024-bit RSA Exponentiation on a 32-bit Processor Core,” Proceedings of the IEEE International Conference on Application-Specific Systems, Architectures, and Processors (ASAP'00), 2000, p. 127-137.42.Rabin, Michael O., “Efficient Dispersal of Information for Security, Load Balancing, and Fault Tolerance,“ Journal of ACM, Vol. 36, No. 2, 1989, p. 335-348.43.Rivest, Ronald L., “The RC5 Encryption Algorithm,” Dr. Dobb’s Journal, January 1995.44.Rivest, R. L., A. Shamir, and L. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communications of the ACM, Vol. 21, No. 2, February 1978, p. 120-126.45.Schneier, Bruce: Applied Cryptography. Second Edition, John Wiley & Sons, 1996.46.Schneier, Bruce and John Kelsey, “Cryptographic Support for Secure Logs on Untrusted Machines,” In Proceedings of the International Workshop on USENIX Security Symposium, USENIX Assoc., Berkeley, CA, 1998, p. 53-62.47.Schneier, Bruce and John Kelsey, “Minimizing Bandwidth for Remote Access to Cryptographically Protected Audit Logs,” Second International Workshop on the Recent Advances in Intrusion Detection (RAID '99), September 1999.48.Schneier, Bruce and John Kelsey, “Secure Audit Logs to Support Computer Forensics,” ACM Transactions on Information and System Security, Vol. 2, No. 2, 1999, p. 159-176.49.Shamir, Adi, “How to Share a Secret,” Communications of the ACM, Vol. 22, No. 11, 1979, p. 612-613.50.Sommer, Peter, “Digital Footprints: Assessing Computer Evidence“, Criminal Law Review Special Edition, 1998, p. 61-78.51.Sommer, Peter, “Intrusion Detection System as Evidence”, Computer Networks, Vol. 31, 1999, p. 2477-2487.52.Stallings, William: Cryptography and Network Security: Principles and Practices. Second Edition, Prentice Hall International, 1999.

QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊