网络舆情数据采集系统的开发设计毕业论文.docx

网络舆情数据采集系统开发 摘 要 随着计算机技术的迅猛发展与互联网的广泛使用，人类社会步入全球信息化时代。计算机和通信应用软件越来越多样化。与此同时，人们的隐私和需要保护的资料越来越多，面临的隐私安全和资料泄密问题也越来越严峻。此外，不法分子也广泛使用加密软件来加密敏感数据来隐藏他们的犯罪证据。 与传统的计算机取证不同的是，计算机的内存取证是从内存中提取易失性数据，易失性数据是指存在于“活”的计算机系统或网络设备的内存中的数据，计算机关机或重启后这些数据将不会存储于计算机中。许多易失性数据，例如内存映射文件、口令等缓存信息由于驻留在内存中，磁盘获取技术不能访问到这些数据。本文的工作基础就是在内存镜像中进行口令或密钥的恢复。 本文的工作主要分两部分，一部分是以明文形式存储在内存中的口令的恢复，另一部分是加密软件中加密文件的加密密钥的恢复研究。Netkeeper和学生邮箱系统两个应用的口令都是以明文形式存储在内存中的，所以本文主要对这两个应用的口令实现恢复；本文中试图恢复的加密密钥的软件是TrueCrypt。两部分的恢复研究工作都是基于Windows操作系统。 【关键词】内存镜像 口令 密钥 Netkeeper 学生邮箱系统 TrueCrypt加密卷 Window操作系统  ABSTRACT With the rapid development of computer technology and the widespread use of the Internet, human society entered the global information age. Computer and communications software applications become more diverse. At the same time, the need to protect people's privacy and information, more and more faced with security and data privacy leakage problems are more severe. In addition, criminals are also widely used encryption software to encrypt sensitive data to hide evidence of their crimes. Being different with traditional computer forensics is that the computer's memory forensics is extracted from memory volatile data, volatile data is present in the "live" computer system or network device data in memory, after the computer shutdown or restart ，these data will not be stored in the computer. Many volatile data, such as memory-mapped files, passwords, cache information such as resident in memory, disk access technology not have access to this data. This work is the basis on the memory image to the recovery of a password or key. This work is mainly divided into two parts.a part of the recovery work is about the password which is stored in plaintext. Another part of recovery work is that the encryption key of encrypted software.The passwords of Netkeeper and student mail system are stored in plaintext in memory, so this paper m