網路犯罪入侵案件之數位證據蒐證研究

Abstract

資訊科技與網際網路的蓬勃發展，促進人類溝通的便利性、生活型態與消費習性的轉變，成為各行各業重要數位資產。相對的，由於許多有心人士為取得不當利益，以資訊科技與網際網路作為犯罪工具，對社會治安產生許多負面影響，如網路入侵、賭博、色情、毀謗、詐欺、恐嚇、侵害智慧財產權、妨害名譽、侵害他人個人資料保護、販賣違禁品等網路犯罪型態，嚴重威脅與侵害網際網路使用者、網路服務提供者、企業與政府機構電子化策略，影響國家經濟發展。 為打擊日益嚴重的網路入侵犯罪案件與解決其犯罪現場所產生之數位證據蒐證問題，本論文首先探討入侵案件之特性與數位證據的種類，並以李昌鈺博士重建刑案之物證檢驗步驟為基石，結合歐美先進國家之電腦鑑識科學採證準則，提出一個完整犯罪現場之數位證據蒐證處理程序，並以實際入侵案件驗證此程序之可行性，最後調查現有電腦鑑識研發公司，所開發之各種電腦鑑識軟體功能，做為數位證據之採證工具。所以本論文主要目的協助國內司法人員偵查網路入侵犯罪案件，以降低入侵案件發生率，並引進電腦鑑識科學觀念做為國內數位證據研究參考依據與方向。

Internet has become an important media of communication and has added a new dimension to doing business and even to our life style. On the negative side, criminals have also utilized this open environment to gain advantages. On-line gambling, smearing, violation of intellectual property, infringement on personal privacy is just some of those crimes. In this thesis, the author addresses the issue on collecting evidence to help police officials to fight those cyber crimes. Being different from the evidence collected for investigating traditional crimes, evidential documents exist, now, in digital form. Establishing a systematic procedure for collecting digital evidence is a necessity, if the evidence is to be admissible to the court. The author extends a formal procedure for the traditional crime investigation presented by Henry Lee to serve this purpose, adding more steps adapted from principles of computer forensic science. To validate the feasibility of the extended procedure, it is applied, step by step, to investigate a case of network intrusion. The investigation has not been completed, because the criminal apparently intruded the system from nodes located in foreign countries and international coordination must have been involved if a complete investigation demanded. The case study, however, demonstrates the first effort, in this country, to establish such a formal procedure. In the mean time, the author has surveyed several software tools applicable to digital-evidence collection. The author hopes that the result of this thesis research can help law enforcement officials to fight against cyber crimes, in particular, against the crimes involving network intrusions.