| 基于多Agent的分布式计算机动态取证模型研究 |
| |
| 引用本文: | 杨卫平,段丹青. 基于多Agent的分布式计算机动态取证模型研究[J]. 计算机应用与软件, 2008, 25(3): 81-82,137 |
| |
| 作者姓名: | 杨卫平 段丹青 |
| |
| 作者单位: | 湖南公安高等专科学校计算机科学技术系,湖南,长沙,410006;湖南公安高等专科学校计算机科学技术系,湖南,长沙,410006 |
| |
| 基金项目: | 湖南省教育厅青年基金 , 湖南省公安厅科研项目 |
| |
| 摘 要: | 传统的计算机取证大多采用静态取证技术,通过事后分析的方法提取证据,证据的收集和提取比较困难,证据的法律效力低.将计算机取证技术与入侵检测技术结合,提出一种基于多Agent的分布式计算机动态取证模型,采用多Agent的分布式数据采集策略,扩展了取证范围;通过入侵检测系统实时监测,动态获取入侵证据,提高了证据的证明能力;同时,采用证据融合的数据分析技术,通过多源联合信息降低了误警率,增加了证据的可信度,提高了证据的有效性.
|
| 关 键 词: | 计算机取证 分布式 动态 多Agent |
| 收稿时间: | 2006-05-09 |
| 修稿时间: | 2006-05-09 |
A DISTRIBUTED COMPUTER DYNAMIC FORENSICS MODEL BASED ON MULTI-AGENT |
| |
| Yang Weiping,Duan Danqing. A DISTRIBUTED COMPUTER DYNAMIC FORENSICS MODEL BASED ON MULTI-AGENT[J]. Computer Applications and Software, 2008, 25(3): 81-82,137 |
| |
| Authors: | Yang Weiping Duan Danqing |
| |
| Affiliation: | Yang Weiping Duan Danqing(Department of Computer Science , Technology,Hunan Public Security College,Changsha 410006,Hunan,China) |
| |
| Abstract: | Traditionally, the static computer forensic technique is assigned to collect crime Commitment information analyzed post-facto, which makes evidences collecting really difficult. More seriously, the severity of the evidences in law cannot be guaranteed. Combining with computer forensic technique and intrusion detection technique,a distributed dynamic computer forensics model based on multi-Agent is presented. The distributed data collection policy is adopted, so that the range of data collection is extended. The dynamic intrusion detection system provides real-time evidences of high legal stringency. The evidence-combined data analysis technique is adopted to decrease the rate of false alarm and enhance the validity of the evidences. |
| |
| Keywords: | Computer forensic Distributed Dynamic Multi-agent |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
