CN111312005A - Electronic evidence obtaining practical training platform based on virtualization technology - Google Patents
Electronic evidence obtaining practical training platform based on virtualization technology Download PDFInfo
- Publication number
- CN111312005A CN111312005A CN202010087986.6A CN202010087986A CN111312005A CN 111312005 A CN111312005 A CN 111312005A CN 202010087986 A CN202010087986 A CN 202010087986A CN 111312005 A CN111312005 A CN 111312005A
- Authority
- CN
- China
- Prior art keywords
- evidence obtaining
- practical training
- data
- technology
- electronic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012549 training Methods 0.000 title claims abstract description 44
- 238000005516 engineering process Methods 0.000 title claims abstract description 43
- 238000011835 investigation Methods 0.000 claims abstract description 17
- 238000012800 visualization Methods 0.000 claims abstract description 12
- 238000002474 experimental method Methods 0.000 claims abstract description 9
- 238000007726 management method Methods 0.000 claims description 20
- 238000000034 method Methods 0.000 claims description 12
- 238000011084 recovery Methods 0.000 claims description 7
- 238000012545 processing Methods 0.000 claims description 6
- 238000005336 cracking Methods 0.000 claims description 4
- 238000000605 extraction Methods 0.000 claims description 4
- 239000000463 material Substances 0.000 claims description 4
- 238000013500 data storage Methods 0.000 claims description 3
- 238000001514 detection method Methods 0.000 claims description 3
- 238000007619 statistical method Methods 0.000 claims description 3
- 238000012795 verification Methods 0.000 claims description 3
- 230000004927 fusion Effects 0.000 claims description 2
- 238000007405 data analysis Methods 0.000 abstract description 5
- 230000006870 function Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000008520 organization Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 239000012634 fragment Substances 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09B—EDUCATIONAL OR DEMONSTRATION APPLIANCES; APPLIANCES FOR TEACHING, OR COMMUNICATING WITH, THE BLIND, DEAF OR MUTE; MODELS; PLANETARIA; GLOBES; MAPS; DIAGRAMS
- G09B9/00—Simulators for teaching or training purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/26—Government or public services
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Educational Administration (AREA)
- Tourism & Hospitality (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Marketing (AREA)
- Human Resources & Organizations (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- General Health & Medical Sciences (AREA)
- General Business, Economics & Management (AREA)
- Economics (AREA)
- Health & Medical Sciences (AREA)
- Development Economics (AREA)
- Educational Technology (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses an electronic evidence obtaining practical training platform based on virtualization technology, which belongs to the field of internet technology and judicial evidence obtaining, and comprises an application visualization layer, a service supporting layer, a data supporting layer, a supporting cloud platform, a standard authentication system and a security and confidentiality system, so that the problems of low teaching efficiency and lagged application technology of the traditional teaching mode are solved, and the electronic data investigation evidence obtaining technology, the professional data analysis and identification technology and the practice teaching platform technology can be fused with each other; the electronic data survey evidence-taking technology comprises various evidence-taking, analyzing and identifying software; the professional data analysis and identification technology is responsible for guiding how to use various novel electronic data evidence obtaining and judicial identification equipment to carry out operation experiments; the practice teaching platform technology comprises a practical teaching platform for realizing high efficiency and stability.
Description
Technical Field
The invention relates to the field of internet technology and judicial evidence obtaining, in particular to an electronic evidence obtaining practical training platform based on a virtualization technology.
Background
The method for fighting against computer network crime is a long-term behavior, needs a large amount of professional talents proficient in computer technology and network technology, extracts effective computer crime evidences by utilizing computer software and hardware technologies and adopting technical means meeting legal specifications so as to lead criminal suspects to be in law. At present, a plurality of novel electronic evidence obtaining devices are just introduced into a public security organization, and are not popularized in case handling units at the same line, and in addition, rapid development of computers and network technologies enables a traditional electronic evidence obtaining method and a case handling mode to be incapable of adapting to case investigation needs in a new situation, and the public security organization urgently needs a large number of electronic evidence obtaining professional talents.
The electronic evidence obtaining practical training platform takes virtualization technology as a core, integrates electronic data investigation evidence obtaining, professional data analysis and identification and practice teaching, and performs operation experiments of various novel electronic data evidence obtaining and judicial identification devices by integrating various evidence obtaining, analysis and identification software. The high-efficiency and stable electronic data evidence investigation experiment teaching platform is realized.
Disclosure of Invention
1. Technical problem to be solved
Aiming at the problems in the prior art, the invention aims to provide an electronic evidence obtaining practical training platform based on a virtualization technology, which can mutually fuse an electronic data investigation evidence obtaining technology, a professional data analysis and identification technology and a practice teaching platform technology; the electronic data survey evidence-taking technology comprises various evidence-taking, analyzing and identifying software; the professional data analysis and identification technology is responsible for guiding how to use various novel electronic data evidence obtaining and judicial identification equipment to carry out operation experiments; the practice teaching platform technology comprises a practical teaching platform for realizing high efficiency and stability.
2. Technical scheme
In order to solve the above problems, the present invention adopts the following technical solutions.
An electronic evidence obtaining practical training platform based on virtualization technology comprises an application visualization layer, a business supporting layer and a data supporting layer, wherein the application visualization layer comprises a visualization portal, an evidence obtaining application, an evidence obtaining course teaching, an evidence obtaining practical training teaching, an evidence obtaining examination and an evidence obtaining martial arts competition, the business supporting layer comprises a business data service processing layer, a task management engine, a business flow management engine, a rule management engine, a statistical analysis engine, an environment generation engine and data exchange processing and storage resources, the data supporting layer comprises a data abstraction layer, a distributed computing engine, structured/unstructured data storage, an algorithm library, a tool library and a knowledge library, data files generated by the data supporting layer adopt a distributed file system, the electronic evidence obtaining practical training platform further comprises a supporting cloud platform, and the supporting cloud platform comprises a cloud service interface and a super-fusion resource pool, the cloud service interface adopts OpenStack and a resource management layer, the super-fusion resource pool comprises a super-fusion platform, the super-fusion platform is fused with scene virtualization, storage virtualization, network virtualization and safety virtualization, and the super-fusion platform is further fused with a forensics tool library, a storage resource, a network resource, a disaster recovery resource and a device resource.
Further, the system also comprises a standard authentication system and a security and confidentiality system.
Furthermore, the electronic evidence obtaining practical training platform based on the virtualization technology supports a plurality of classified practical training experiments including electronic data evidence obtaining foundation, Windows/MacOS/Linux evidence obtaining, field investigation and verification, online extraction, remote investigation and verification, data recovery, password cracking and network evidence obtaining.
Furthermore, the electronic evidence obtaining practical training platform based on the virtualization technology supports a B/S framework.
Furthermore, the electronic evidence obtaining practical training platform based on the virtualization technology supports an extensible teaching resource library, including a practical training virtual machine library (including case information and corresponding material images of various typical cases), an evidence obtaining tool library (transferred in a virtual machine) and other resource libraries (supporting multimedia courses such as characters, presentation files, audio and video).
Furthermore, the electronic evidence obtaining practical training platform based on the virtualization technology provides a user authority management function and supports various users such as administrators, instructors and students.
3. Advantageous effects
Compared with the prior art, the invention has the advantages that:
the problem of traditional teaching mode teaching inefficiency and application technique laggard is solved:
(1) supporting on-line teaching contents and experimental environment of electronic data evidence obtaining and judicial identification processes;
(2) supporting a plurality of classified training experiments including electronic data evidence obtaining foundation, Windows/MacOS/Linux evidence obtaining, on-site investigation, on-line extraction, remote investigation, data recovery, password cracking and network evidence obtaining;
(3) by taking a virtualization technology as a core, integrating various evidence obtaining, analyzing and identifying software, carrying out various operation experiments, helping students to skillfully master the use methods of various commonly used electronic data evidence investigation tools and strengthening practical and manual operation performance;
(4) supporting a B/S framework, and students can remotely access the system in and out of a school through a browser to finish various basic operations and experimental course contents; the lessee-giving teacher can remotely access the background of the system through the browser to manage teaching resources and student information;
(5) support for online examination and online knowledge skill competition;
(6) the support extensible teaching resource library comprises a training virtual machine library (including case information and corresponding material detection mirror images of various typical cases), a evidence obtaining tool library (loaded in a virtual machine) and other resource libraries (supporting multimedia courses such as characters, presentation files, audio and video and the like);
(7) the system provides a user authority management function and supports various users such as administrators, instructors and students.
Drawings
FIG. 1 is a schematic diagram of the platform of the present invention;
fig. 2 is a block diagram of a plurality of sub-modules and network element devices of the present invention;
Detailed Description
The drawings in the embodiments of the invention will be combined; the technical scheme in the embodiment of the invention is clearly and completely described; obviously; the described embodiments are only some of the embodiments of the invention; but not all embodiments, are based on the embodiments of the invention; all other embodiments obtained by a person skilled in the art without making any inventive step; all fall within the scope of protection of the present invention.
In the description of the present invention, it should be noted that the terms "upper", "lower", "inner", "outer", "top/bottom", and the like indicate orientations or positional relationships based on those shown in the drawings, and are only for convenience of description and simplification of description, but do not indicate or imply that the referred device or element must have a specific orientation, be constructed in a specific orientation, and be operated, and thus should not be construed as limiting the present invention. Furthermore, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "disposed," "sleeved/connected," "connected," and the like are to be construed broadly, e.g., "connected," which may be fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Example 1:
referring to fig. 1-2, after being programmed by a programming engineer, the electronic evidence obtaining practical training platform based on a virtualization technology includes an application visualization layer, where the application visualization layer includes a visualization portal at a web page end, the visualization portal provides a user authority management function and supports multiple types of users such as administrators, instructors and trainees, and the visualization portal includes evidence obtaining applications such as Tcpdump, Argus, NFR, Tcpwrapper, Sniffers, Honeypot, Tripwires, netk monitor, mirror tools, daily evidence obtaining course teaching, daily evidence obtaining practical training teaching, daily evidence obtaining examination and special evidence obtaining biwu competition.
The system comprises a service support layer and a data support layer, wherein the service support layer comprises a service data service processing layer, a task management engine, a service flow management engine, a rule management engine, a statistical analysis engine, an environment generation engine, a data exchange processing layer and storage resources, the data support layer comprises a data abstraction layer, a distributed computing engine, a structured/unstructured data storage, an algorithm library, a tool library and a knowledge library, a data file generated by the data support layer adopts a distributed file system, the system further comprises a support cloud platform, the support cloud platform comprises a cloud service interface and a hyper-fusion resource pool, the cloud service interface adopts an OpenStack and a resource management layer, the hyper-fusion resource pool comprises a hyper-fusion platform, the hyper-fusion platform is fused with scene virtualization, storage virtualization, network virtualization and safety virtualization, and the hyper-fusion platform is further fused with a evidence obtaining tool library, Storage resources, network resources, disaster recovery resources, and device resources.
The electronic evidence obtaining practical training platform based on the virtualization technology is also maintained with a standard authentication system and a security system.
The support extensible teaching resource library comprises a training virtual machine library (including case information and corresponding material detection mirror images of various typical cases), a evidence obtaining tool library (loaded in a virtual machine) and other resource libraries (supporting multimedia courses such as characters, presentation files, audio and video and the like).
Supporting the B/S architecture.
The method supports a plurality of classified training experiments including electronic data evidence obtaining foundation, Windows/MacOS/Linux evidence obtaining, on-site investigation, on-line extraction, remote investigation, data recovery, password cracking and network evidence obtaining, and has better fusion degree with the prior art.
The electronic data evidence obtaining practical training platform consists of a plurality of sub-modules and network element equipment, the connection between different equipment is realized through a network virtualization technology, the specific connection mode is shown in figure 2, the electronic data evidence obtaining practical training platform consists of a server and a webpage, the server provides the attacking and defending teaching practical training service and provides the service to the outside in a Web mode, and the webpage logs in the platform through a Web browser and uses the service provided by the server. For the server, the system comprises a virtual host resource pool, a virtual network resource pool, a course teaching module, an evidence obtaining training module, a martial arts competition module, an online examination module and the like, wherein the virtual host resource pool and the virtual network resource pool are responsible for the setting and the deployment of a virtual environment and an evidence obtaining scene in the teaching training process, the course teaching module is responsible for the management of service contents and processes of electronic evidence obtaining and judicial appraisal teaching, such as courses, exercises, tests, students and the like, the evidence obtaining training module is responsible for the management of evidence obtaining training environment and task processes, the online examination module is responsible for the management of student score assessment and scores, and the martial arts competition module is responsible for the management of evidence obtaining environment, processes and results of martial arts competition.
This real standard platform of evidence is got to electron:
the electronic evidence-taking knowledge and the law are split into smaller knowledge points, so that the learning and understanding difficulty is reduced;
training is carried out by combining with the actual electronic evidence obtaining environment, and the impression of the trainees is deepened;
comprehensively and systematically obtaining evidence by electronic data and training on-site investigation knowledge and laws;
the study can be carried out through the online platform at any time and any place, so that the student can conveniently use the fragment time;
the system can be used for holding martial arts competitions and examinations on line and evaluating the student level;
real electronic evidence obtaining equipment and a field investigation environment are used for students to visit.
The traditional electronic evidence obtaining method and the traditional case handling mode can not meet the current case investigation requirements, a large number of electronic evidence obtaining professional talents need to be cultured, and for public security institutions, the learning quality of each student can not be guaranteed due to limited construction expenses of a school laboratory. Therefore, an electronic evidence obtaining practical training platform is provided, and the problem is solved. This real standard platform of collecting evidence of electron is compatible good, can be compatible current school's laboratory facility, can provide more efficient more comprehensive teaching of collecting evidence simultaneously, provides important basis for the platform teaching.
The above; but are merely preferred embodiments of the invention; the scope of the invention is not limited thereto; any person skilled in the art is within the technical scope of the present disclosure; the technical scheme and the improved concept of the invention are equally replaced or changed; are intended to be covered by the scope of the present invention.
Claims (6)
1. Real standard platform of obtaining evidence of electron based on virtualization technique, its characterized in that: the system comprises an application visualization layer, a business support layer and a data support layer, wherein the application visualization layer comprises a visualization portal, an evidence obtaining application, an evidence obtaining course teaching, an evidence obtaining training teaching, an evidence obtaining examination and an evidence obtaining martial arts competition, the business support layer comprises a business data service processing layer, a task management engine, a business flow management engine, a rule management engine, a statistical analysis engine, an environment generation engine, a data exchange processing and storage resource, the data support layer comprises a data abstraction layer, a distributed computing engine, a structured/unstructured data storage, an algorithm library, a tool library and a knowledge base, a distributed file system is adopted for data files generated by the data support layer, the system further comprises a support cloud platform, the support cloud platform comprises a cloud service interface and a super fusion resource pool, the cloud service interface adopts an Openck Stack and a resource management layer, the super-fusion resource pool comprises a super-fusion platform, wherein the super-fusion platform is fused with scene virtualization, storage virtualization, network virtualization and safety virtualization, and the super-fusion platform is further fused with a evidence obtaining tool library, storage resources, network resources, disaster recovery resources and equipment resources.
2. The electronic evidence obtaining practical training platform based on virtualization technology according to claim 1, wherein: and the system also comprises a standard authentication system and a security and confidentiality system.
3. The electronic evidence obtaining practical training platform based on virtualization technology according to claim 1, wherein: the electronic evidence obtaining practical training platform based on the virtualization technology supports a plurality of classified practical training experiments including electronic data evidence obtaining foundation, Windows/MacOS/Linux evidence obtaining, on-site investigation and verification, on-line extraction, remote investigation, data recovery, password cracking and network evidence obtaining.
4. The electronic evidence obtaining practical training platform based on virtualization technology according to claim 1, wherein: the electronic evidence obtaining practical training platform based on the virtualization technology supports a B/S framework.
5. The electronic evidence obtaining practical training platform based on virtualization technology according to claim 1, wherein: the electronic evidence obtaining practical training platform based on the virtualization technology supports an extensible teaching resource library, and comprises a practical training virtual machine library (including case information and corresponding material detection mirror images of various typical cases), an evidence obtaining tool library (loaded in a virtual machine) and other resource libraries (supporting multimedia courses such as characters, presentation files, audio and video and the like).
6. The electronic evidence obtaining practical training platform based on virtualization technology according to claim 1, wherein: the electronic evidence obtaining practical training platform based on the virtualization technology provides a user authority management function and supports various users such as administrators, instructors and students.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010087986.6A CN111312005A (en) | 2020-02-12 | 2020-02-12 | Electronic evidence obtaining practical training platform based on virtualization technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010087986.6A CN111312005A (en) | 2020-02-12 | 2020-02-12 | Electronic evidence obtaining practical training platform based on virtualization technology |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111312005A true CN111312005A (en) | 2020-06-19 |
Family
ID=71161760
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010087986.6A Pending CN111312005A (en) | 2020-02-12 | 2020-02-12 | Electronic evidence obtaining practical training platform based on virtualization technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111312005A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114217690A (en) * | 2021-12-07 | 2022-03-22 | 南京森林警察学院 | Training method for electronic data extraction based on virtual simulation technology |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103425563A (en) * | 2013-07-04 | 2013-12-04 | 上海交通大学 | Online input/output (I/O) electronic evidence obtaining system and method based on virtualization technology |
US8868728B2 (en) * | 2010-03-11 | 2014-10-21 | Accenture Global Services Limited | Systems and methods for detecting and investigating insider fraud |
CN104516954A (en) * | 2014-12-15 | 2015-04-15 | 公安部第一研究所 | Visualized evidence obtaining and analyzing system |
CN108711031A (en) * | 2018-04-13 | 2018-10-26 | 广州中国科学院软件应用技术研究所 | A kind of intelligent terminal electron evidence library management training system and method |
CN109147447A (en) * | 2017-06-16 | 2019-01-04 | 云南电网有限责任公司信息中心 | A kind of network-combination yarn target range actual combat system based on virtualization technology |
-
2020
- 2020-02-12 CN CN202010087986.6A patent/CN111312005A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8868728B2 (en) * | 2010-03-11 | 2014-10-21 | Accenture Global Services Limited | Systems and methods for detecting and investigating insider fraud |
CN103425563A (en) * | 2013-07-04 | 2013-12-04 | 上海交通大学 | Online input/output (I/O) electronic evidence obtaining system and method based on virtualization technology |
CN104516954A (en) * | 2014-12-15 | 2015-04-15 | 公安部第一研究所 | Visualized evidence obtaining and analyzing system |
CN109147447A (en) * | 2017-06-16 | 2019-01-04 | 云南电网有限责任公司信息中心 | A kind of network-combination yarn target range actual combat system based on virtualization technology |
CN108711031A (en) * | 2018-04-13 | 2018-10-26 | 广州中国科学院软件应用技术研究所 | A kind of intelligent terminal electron evidence library management training system and method |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114217690A (en) * | 2021-12-07 | 2022-03-22 | 南京森林警察学院 | Training method for electronic data extraction based on virtual simulation technology |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
MacDermott et al. | Iot forensics: Challenges for the ioa era | |
Yasinsac et al. | Computer forensics education | |
CN113872960A (en) | Network security target range for power industry and operation method thereof | |
Kessler et al. | A proposed curriculum in cybersecurity education targeting homeland security students | |
CN106935094A (en) | A kind of Network Security Teaching system based on virtual reality | |
CN113496638A (en) | Network security training system and method | |
Belshaw | Next Generation of Evidence Collecting: The Need for Digital Forensics in Criminal Justice Education. | |
Wahsheh et al. | Practical cyber security training exercises | |
Pan et al. | Game-based forensics course for first year students | |
CN111312005A (en) | Electronic evidence obtaining practical training platform based on virtualization technology | |
Srinivasan | Digital forensics curriculum in security education | |
CN109584127A (en) | A kind of teaching resource management method and system for experimental teaching | |
Rjaibi et al. | Mean failure cost as a measurable value and evidence of cybersecurity: E-learning case study | |
CN109063485A (en) | A kind of vulnerability classification statistical system and method based on loophole platform | |
CN115134127A (en) | Electric power monitoring network safety test system | |
Cigoj et al. | An innovative approach in digital forensic education and training | |
KR102290468B1 (en) | System for managing online learning | |
Zacharis et al. | Ai-assisted cyber security exercise content generation: Modeling a cyber conflict | |
Andrade et al. | Information Security Management in a Higher Education Institution Based on Standards, Legal Basis for the Optimization of Administrative Resources | |
Choi et al. | Feasibility of virtual security laboratory for three-tiered distance education | |
Peterson et al. | Graduate digital forensics education at the Air Force Institute of Technology | |
Wei et al. | Cloud Model of Application of SDN Data to Information Management of College Students' Archives | |
CN114217690A (en) | Training method for electronic data extraction based on virtual simulation technology | |
Elgamal et al. | The Effectiveness of a proposed system Based on desktop virtual reality to promote the basic concepts of Computer security | |
Leng | Transforming Digital Forensics Training: A Competition Insight |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200619 |