基于智能代理的动态取证技术研究

Research on the Dynamic Forensics Based on Intelligent Agent

计算机静态取证存在证据的真实性、有效性和及时性问题。本文提出将取证技术结合到防火墙、入侵检测系统中,对所有可能的计算机犯罪行为进行实时的动态取证,重点研究了基于智能代理的动态取证系统模型、智能代理技术在动态取证中的应用以及动态取证中的数据获取,解决动态取证的实时性、智能性、可适应性和扩展性问题。

Computer static forensics has the problems of the true and the efficacy in the evidence. This paper presents the combine forensics with firewall and intrusion detection system to get the electronic evidence timely.It focuses on the model of dynamic forensics based on intelligent agent, the application of intelligent agent in dynamic forensics and the data collection of dynamic forensics, the application of intelligent agent can help to resolve the real-time, intelligent and adaptable problems.