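Abstract
A network malicious-attack forensics technique based on tracing erasure traces is proposed. The intersection of attack erasure traces is analyzed as the forensic scheme; a Bayesian alert network is constructed from the intersecting erasure traces of network malicious attacks to carry out further forensics on the attacks; and a network malicious attack detection model is used to analyze the malicious-attack state of the network, achieving forensics after the erasure of large-scale network malicious attacks. Experimental results show that the scheme is practical, can accurately collect evidence on network malicious attacks, and has a high alarm rate and a low false alarm rate, with satisfactory results.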
This paper proposes a network forensics technique for malicious attacks based on intersection wipe traces. It analyzes a preliminary evidence collection scheme based on intersection wipe traces, constructs a Bayesian alerting network from the intersection wipe traces of malicious network attacks to gather further evidence on the attacks, and analyzes malicious attacks through a cloud computing network malicious attack detection model, realizing malicious attack detection in cloud computing networks. The experimental results show that the scheme is practical, can accurately collect evidence on malicious network attacks, and has a high alarm rate and a low false alarm rate, achieving satisfactory results.
Source
《科技通报》
Peking University Core Journal
2013, Issue 10, pp. 39-41 (3 pages)
Bulletin of Science and Technology
Funding
2013 Fundamental Research Funds for the Central Universities project (LGYB201309)
Keywords
intersection wipe traces
malicious attacks
network forensics
Bayesian network alarm