【摘要】 针对Brian Carrier和Eugene H.Spafford提出的数字调查过程模型存在前期准备不足、没有把攻击前预防作为取证过程的一个阶段的特点,首次提出了基于安全态势评估的数字取证模型,通过基于层次分析法(AHP)的安全态势评估,进而得到计算机系统的风险指数,从而可以提高计算机犯罪取证的可行性、准确性及效率。更多还原

【Abstract】 Since the Digital Investigation Process Model proposed by Brian Carrier and Eugene H.Spafford has insufficient preparation,and lack of prevention as a stage of the process before the attack,we put forward digital forensic models based on the assessment of security situation.First,the digital investigation process model is analyzed,pointing out that in the preparation stage the host and network security have not been considered,as well as evidence collection system pre-installation.Therefore,security situation evaluation based on the Analytic Hierarchy Process(AHP),and then get the risk index of computer system,which can increase the feasibility,accuracy and efficiency of computer crime forensics.更多还原