| 一种入侵检测取证系统模型的设计 |
| |
| 引用本文: | 俞晓雯,高强,丁杰.一种入侵检测取证系统模型的设计[J].微机发展,2004,14(8):117-119. |
| |
| 作者姓名: | 俞晓雯 高强 丁杰 |
| |
| 作者单位: | 华北电力大学电子与通信工程系,华北电力大学电子与通信工程系,华北电力大学电子与通信工程系 河北保定071003,河北保定071003,河北保定071003 |
| |
| 摘 要: | 随着网络技术的发展,黑客攻击现象越来越多。计算机取证技术是当今一种热门的动态安全技术,它采用主动出击的方法,搜集入侵证据,查出黑客的来源,有效地防范黑客入侵。文中提出了一种入侵检测取证系统模型,它考虑把入侵检测和计算机取证技术结合在一起。在遭受入侵时它能实时地收集可靠的证据,完成入侵事件的检测和取证分析,弥补了入侵检测的不足,有效地阻止了黑客攻击。文章详细介绍了入侵检测取证的过程和方法,并讨论了系统存在的问题。
|
| 关 键 词: | 计算机取证 入侵检测 日志审计 数据挖掘 |
| 文章编号: | 1005-3751(2004)08-0117-03 |
| 修稿时间: | 2003年12月11 |
Design of IDS and Computer Forensic System |
| |
| YU Xiao-wen,GAO Qiang,DING Jie.Design of IDS and Computer Forensic System[J].Microcomputer Development,2004,14(8):117-119. |
| |
| Authors: | YU Xiao-wen GAO Qiang DING Jie |
| |
| Abstract: | With the development of Web,more and more hacker attacks appear.Computer forensic is a dynamic security technology.It collects the proofs of intrusion and finds the source of hacker with the active methods,so it can prevent hacker intrusion effectively.The paper proposes the model of IDS and computer forensic system.It connects intrusion detection and computer forensic.It can collect the proofs timely and accomplish the analysis of detection and forensic when intruded.This system makes up the lack of intrusion detection,and prevents hacker attacks effectively. The paper introduces progress and methods of intrusion detection and forensic in detail,and discusses some problems of the system. |
| |
| Keywords: | computer forensic intrusion detection log audit data mining |
| 本文献已被 CNKI 维普 等数据库收录! |
|
