
One Validity Model of Digital Data Forensics Based on Trusted Probability (cited by: 15)
Abstract: To address the insufficient validity of current evidence, a validity model of digital data forensics based on trusted probability is proposed, drawing on probability theory. The model is built on Petri nets: digital data that has been formalized after collection is abstracted as places of the Petri net, and the operating behaviors and forensics methods are abstracted as transitions, so that each successor node is formed by applying such an operation to transform its predecessor node. The paper gives the basic definitions of the forensics process and the methods of formalization, studies the related algorithms for probability calculation, and describes the reasoning process in detail. The validity of the resulting evidence is demonstrated by the combination "Credibility + Data source + Forensics rules", which provides a theoretical basis for the credibility of dynamic forensic behavior in trusted forensics. Probability calculation ultimately yields a concrete probability value. On the assumption that the data source is trusted (that is, its static attributes are trusted), trusted probability (a probability value close to 0 or 1) is used to ensure that the forensics rules applied during processing are trusted (that is, that trusted dynamic forensics methods or behaviors are used), which gives the digital data high credibility as evidence. Finally, a validity proof system is designed, and a real case is used to analyze and verify the concrete application of trusted probability in the validity model of digital data forensics.
Source: Chinese Journal of Computers (EI, CSCD, PKU Core), 2011, Issue 7, pp. 1262-1274 (13 pages)
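Funding: Supported by the National Key Technology R&D Program of the Ministry of Science and Technology during the 11th Five-Year Plan (2007BAK34B06), the National Natural Science Foundation of China (61073114), the Natural Science Foundation of Jiangsu Higher Education Institutions (09KJD520007), the Climbing Program of Nanjing University of Posts and Telecommunications (NY208009), and the Priority Academic Program Development of Jiangsu Higher Education Institutions.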
Keywords: trusted forensics; validity; digital data forensics; Petri nets; probability