2 articles found
Computer Forensic Using Lazy Local Bagging Predictors
1
Authors: 邱卫东, 鲍诚毅, 朱兴全. Journal of Shanghai Jiaotong University (Science), EI, 2009, Issue 1, pp. 94-97 (4 pages)
In this paper, we study the problem of employing ensemble learning for computer forensic. We propose a Lazy Local Learning based bagging (L3B) approach, where base learners are trained from a small instance subset surrounding each test instance. More specifically, given a test instance x, L3B first discovers x's k nearest neighbours, and then applies progressive sampling to the selected neighbours to train a set of base classifiers, by using a given very weak (VW) learner. At the last stage, x is labeled as the most frequently voted class of all base classifiers. Finally, we apply the proposed L3B to computer forensic.
Keywords: computer forensic; data mining; classification; lazy learning; bagging; ensemble learning
Acquisition of Network Connection Status Information from Physical Memory on Windows Vista Operating System
2
Authors: Xu Lijuan, Wang Lianhai, Zhang Lei, Kong Zhigang. China Communications, SCIE, CSCD, 2010, Issue 6, pp. 71-77 (7 pages)
A method to extract information of network connection status information from physical memory on Windows Vista operating system is proposed. Using this method, a forensic examiner can extract accurately the information of current TCP/IP network connection information, including IDs of processes which established connections, establishing time, local address, local port, remote address, remote port, etc., from a physical memory on Windows Vista operating system. This method is reliable and efficient. It is verified on Windows Vista, Windows Vista SP1, Windows Vista SP2.
Keywords: computer forensic; memory analysis; network connection status information