Abstract
As network technology develops, hacker attacks are becoming more frequent. Computer forensics is currently a popular dynamic security technology: it takes an active approach, collecting evidence of intrusion and tracing the source of the hacker, and so guards effectively against hacker intrusion. This paper proposes a model of an intrusion detection and forensics system that combines intrusion detection with computer forensics. When an intrusion occurs, the system collects reliable evidence in real time and completes the detection and forensic analysis of the intrusion event, making up for the shortcomings of intrusion detection and effectively stopping hacker attacks. The paper describes the process and methods of intrusion detection forensics in detail and discusses the problems that remain in the system.
Source
Microcomputer Development (《微机发展》)
2004, No. 8, pp. 117-119 (3 pages)