Abstract (English)
Enterprises are confronted with regulations, such as the Sarbanes-Oxley Act and the new Personal Privacy law in Taiwan, as well as the need to increase R&D investment in product innovation. To protect confidential financial, personal and R&D information, multinational companies and government agencies, facing growing attacks by hackers, all have to re-examine their internal network security, e.g. by evaluating data encryption technology to prevent information leakage. Moreover, government and businesses have realized the importance of digital forensics in recent years. They need capabilities such as knowing when and how a hacking event happened, its impact and damage, and what immediate and long-term solutions to take.
In this study, the MS-Windows 7 operating system was used as the research platform, on which traces of data leakage cases were analyzed with various digital forensics tools. By collecting and analyzing time-stamped evidence from different sources, this study was able to validate the forensics results and make recommendations for the information security departments of government and business organizations.
It is found that the time-related records of files contained in the operating system are not enough to put all relevant, indirect evidence together. The research recommends that organizations, depending on their needs, enable related audit trails or adopt commercial security products, recognized by international courts, to establish more solid evidence.