摘要
为解决网络取证所面临的技术难题,借用信息安全领域中的标记技术、木马技术,提出了一种基于敏感信息跟踪的网络取证方案GENBAD.介绍了GENBAD的体系结构及工作机制,采用原型法部分实现了GENBAD的功能,分析了GENBAD的优点及下一步改进的思路.
To settle the technical difficulty in network evidence-getting, referring to the label and Trojan horse teclmique in security theory, this paper puts forward a network evidence-getting technique scheme called GENBAD( Gathering Evidence by Network Based on Active Defence), which is based on tracking sensitive information. The paper introduces the architecture and work mechanism of GENBAD. GENBAD are partly implemented by prototype method. The paper also analyses the advantage of GENBAD and the idea to promote GENBAD.
出处
《四川师范大学学报(自然科学版)》
CAS
CSCD
北大核心
2005年第6期759-762,共4页
Journal of Sichuan Normal University(Natural Science)
基金
国家973基金(G1999035801)资助项目