Study of Network Forensics and its Application Techniques

Cited by: 10
Abstract: Research on network forensics is still far from mature, and its terminology is used inconsistently. This paper studies the analysis techniques of network forensics, focusing on forensic implementation methods based on IDS, honeytraps, agents, fuzzy expert systems and SVM. It proposes design ideas for network forensic systems based on intrusion tolerance, network monitoring and related techniques. In doing so it gives a systematic account of the concepts, analysis methods, forensic techniques, system implementation methods and development trends of network forensics.
Source: Journal of Chinese Computer Systems (《小型微型计算机系统》), indexed in CSCD and the Peking University Core Journals list, 2006, Issue 3, pp. 558-562 (5 pages).
Funding: Supported by the national "973" fund project (G1999032701).
Keywords: network forensics; intrusion detection; intrusion tolerance; expert system; SVM