论文部分内容阅读
USB设备的种种优势使它很快普及起来,同时也被用于违规行为。如存储非法数据、盗窃专有数据、发布恶意软件等。因此在信息安全调查分析中,需要有一定的方法去调查和分析USB存储设备的使用。调查往往涉及确定一个USB设备是否在一个系统中使用过,以及确定是被哪一个特定的用户使用过。本文将从注册表、链接文件、还原点、关键字搜索等方面提出USB设备使用痕迹调查的方法与实现,旨在为同类型的数据调查提供一定借鉴思路。
The advantages of USB devices make it very popular, and are also used for irregularities. Such as storing illegal data, theft of proprietary data, the release of malicious software. Therefore, in information security investigation and analysis, there is a need to have some way to investigate and analyze the use of USB storage devices. Often the investigation involves determining whether a USB device has been used in a system and determining which particular user has used it. This article will put forward the method and implementation of the trace of USB device usage from the aspects of registry, link file, restore point, keyword search and so on. The purpose of this paper is to provide some reference ideas for the same type of data survey.