网络入侵取证调查研究

Study on Network Intrusion Forensics

首先介绍一些基本的网络安全概况,接着阐述本论文的研究背景,进而对网络入侵调查中常见的入侵情景进行了阐述和分析,对网络入侵取证的过程做了研究。总结出网络入侵取证调查的主要任务之一就是信息管理,并着重从入侵时间、入侵来源、受侵主机、入侵方式、入侵活动五个方面着手,对网络入侵特点、识别方法及可能的结论进行了探讨。

In this paper, some basic network security profiles are presented, including the research background. The common intrusions in the survey of network intrusion are described and analyzed, including the collection of network intrusion evidences. And the primary mission for network intrusion investigation is the information management, and from the five aspects of intrusion time, intrusion origin, host intrusion, intrusion way, intrusion activities, the network intrusion characteristics, recognition methods and possible solutions are discussed in detail.