Research and Implementation of Active Forensics Based on Intrusion Detection (Active forensics method based on intrusion detection system)

2008-07-30

Abstract: In order to keep the valuable evidence while achieving a large reduction in data, an active method for selecting and storing evidence is designed. Security incidents are classified according to the IDS logs, and different network data is selected and stored as evidence according to the type of security incident, as a compromise between the quantity of evidence and its cost.

Keywords: active forensics; intrusion detection system; computer evidence; log

Chinese Library Classification number: TP393.08. Document identification code: A. Article number: 1001-3695(2007)005-0278-02

Introduction

With the widespread use of computers and the Internet, computer crime is also occurring frequently. Computer crime has become a new direction in criminal cases. The key to fighting crime is gaining full, reliable and strong evidence, so computer forensics has gradually become the focus of people's research and attention. Computer evidence refers to all materials, and their derivatives, that exist in computer form and are used as evidence. Computer forensics uses the principles and methods of computer science and related technologies to obtain computer-related evidence in order to prove that an objective fact exists.

The goal of host-based computer forensics is to establish an appropriate system that automatically collects and filters suspicious data, stores the data efficiently, safely and reliably, and, when necessary, supports queries or provides automatic analysis reports. Bradford and others have summarized the basic principles of building such systems for internal users within the enterprise.

The intrusion detection system (IDS) has become an important part of the network security solution because of its inherent advantages, and has been widely used. Currently, an IDS generates a large number of independent, raw alerts. Besides their large volume, the false alarm rate and the missed alarm rate are also high. From a legal point of view, the alert log on its own is not strong proof.

Network data evidence is acquired by intercepting, in transmission, the evidence that proves the facts of a criminal event. As the network bandwidth increases, more and more data is being transmitted over t