网络入侵取证系统(Ⅱ)

Forensic System on the Network Intrusion (Ⅱ)

随着网络技术的不断发展 ,网络安全变得越来越重要 .在已有的网络安全研究中 ,多着眼于防犯入侵 ,而对于入侵后的取证问题研究甚少 .依据入侵者最有可能在系统日志和网络通信数据中留下的痕迹 ,研制出一个网络入侵取证系统 .

With the development of the network technology, the security of network is becoming more and more important. The focus of current security study is for guarding against intrusion, but there is little research into collecting evidence of network intrusion. Therefore, we research and develop a collecting evidence system of network intrusion on the basic of the trace which intruders left systematic logs and the network communication data possibly. This system can solve the difficulties of the collecting evidence in the network intrusion effectively.