计算机取证论文.doc
Introduction to Computer Forensics
Software Piracy Case
Di Huang NUIST Computer and software college
07 computer application class 2
e-mail:563834139@
Abstract: In an investigation of a case of suspected software piracy. An individual is believed to be copying software at their residence and selling it with cracked encryption keys. The police have received a search warrant and have brought you with them to identify and gather evidence. This report shows a brief section on the methodology to conduct the investigation with a Minimal Chain of Custody document.
Keywords: Investigation, Forensics, Methodology
Section 1:
Introduction
Before this assessment begin, there are some information i should give first, i have been asked to help in an investigation into a case of suspected software piracy. An individual is believed to be copying software at their residence and selling it with cracked encryption keys. The police have received a search warrant and have brought you with them to identify and gather evidence.
And this assessment is all about the steps, the methodology you are going to use to conduct the investigation. All i am done are follwed the process of the forensics:
1. Preparation?for?the?investigation2. Collection?of?the?data; 3. Examination;4. Analysis;5. Reporting
The forensics proecss
Preparation for the investigation.
Before I have been the scene, I should know about the case, I should collection all the information that is available and analysis this information so I can know what should I do and what kinds of devices I should bring to the scene.
Collection of the data
When I got the scene, before I touching anything, looked around and took pictures of everything.
Second, I began to collect the Evidence follows:
1) Collecting?Digital?Evidence Digital evidence or electronic evidence is any probative information stored or transmitted in digital form that a party to a court case may use at trial. Digital evidence can be collected from man