| 计算机入侵动态取证技术研究 |
| |
| 引用本文: | 段丹青,杨卫平,黄伟平. 计算机入侵动态取证技术研究[J]. 湖南公安高等专科学校学报, 2005, 17(6): 67-70 |
| |
| 作者姓名: | 段丹青 杨卫平 黄伟平 |
| |
| 作者单位: | 1. 湖南公安高等专科学校,湖南,长沙,410006
2. 湖南软件职业学院,湖南,长沙,410083 |
| |
| 摘 要: | 计算机取证是打击计算机犯罪的有效手段,传统的计算机取证大多采用事后分析的静态取证技术,证据的采集不够及时、全面,经恢复的数据可能是已经被篡改,因而法律效力低。可以运用一种将计算机取证技术与入侵检测技术结合的入侵动态取证系统,动态收集识别入侵证据,及时分析、提取证据至证据库中保存。此系统采用认证、加密、隔离等安全手段,确保了证据在传送、保存过程中的真实性、准确性及不可篡改性,使其成为有效的法庭证据,实现了计算机取证的及时性、智能性。
|
| 关 键 词: | 计算机取证 电子证据 入侵检测 证据提取 |
| 文章编号: | 1008-7575(2005)06-0067-04 |
| 修稿时间: | 2005-09-05 |
Study on the Dynamic Computer Forensics System Based on IDS |
| |
| DUAN Dan-qing,YANG Wei-ping,HUANG Wei-ping. Study on the Dynamic Computer Forensics System Based on IDS[J]. Journal of Huan Public Security College, 2005, 17(6): 67-70 |
| |
| Authors: | DUAN Dan-qing YANG Wei-ping HUANG Wei-ping |
| |
| Affiliation: | DUAN Dan-qing~1,YANG Wei-ping~1,HUANG Wei-ping~2 |
| |
| Abstract: | The computer forensic is an important tool in battling with the computer crime. In tradition,the static forensic is mainly employed to collect digital evidences after the intrusion has happened,so it's difficult to collect the evidences entirely in time,and the recovered files may has been modified,so the collected digital evidences are not so available in law.The paper provide a dynamic computer forensics system combined with computer forensic technology and intrusion detection system,the system collects and recognizes the digital evidences by intrusion detection,analyzes and extracts the evidences to evidences database.It employs the security methods like computer authentication,encryption and isolation to ensure the accuracy,validity,immutability of the digital evidences in the course of transfer and storage.The system makes the computer forensics intelligently and in time. |
| |
| Keywords: | computer forensics digital evidence intrusion detection evidences extraction. |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
