| 基于本体和上下文感知的主动式计算机犯罪取证模型设计研究 |
| |
| 引用本文: | 贾保先,谢圣献.基于本体和上下文感知的主动式计算机犯罪取证模型设计研究[J].信息网络安全,2012(1):68-70. |
| |
| 作者姓名: | 贾保先 谢圣献 |
| |
| 作者单位: | 聊城大学计算机学院,山东聊城252059 |
| |
| 基金项目: | 山东省教育厅项目[J08LJ20、J09LG29] |
| |
| 摘 要: | 事后被动的取证已经无法满足计算机犯罪取证的要求,文章针对计算机取证模型实现的关键技术进行研究,融合了蜜罐、入侵检测、上下文感知信息、Ontology等技术,有效地进行事前主动获取取证数据。文章提出了基于Ontology和上下文感知的动态取证模型,应用实例表明模型提高了对攻击源定位的追踪的准确性和实时性。
|
| 关 键 词: | 计算机犯罪 计算机取证 主动取证模型 蜜罐 本体 |
Dynamic Forensics Model based on Ontology and Context Information |
| |
| JIA Bao-xian,XIE Sheng-xian.Dynamic Forensics Model based on Ontology and Context Information[J].Netinfo Security,2012(1):68-70. |
| |
| Authors: | JIA Bao-xian XIE Sheng-xian |
| |
| Affiliation: | (College of Computer Science,Liaocheng University,Liaocheng Shandong 252059,China) |
| |
| Abstract: | The existing Forensics model already could not satisfy the need of the computer forensics.Key technology which can implement Forensics Model was studied in this paper.Honeypot forensics,IDS,Ontology technologies were combined effectively in order to obtain forensics data beforehand.A complete dynamic forensics system which can replay computer crime was designed.Non-repeated varying probability packet marking scheme was proposed.The paper proposed dynamic forensics model based on ontology and context information.The efficiency and accuracy of spam filtering are improved. |
| |
| Keywords: | computer crime computer forensics dynamic forensics model Honey-pot ontology |
| 本文献已被 CNKI 维普 等数据库收录! |
