| 基于人工免疫的网络入侵动态取证 |
| |
| 引用本文: | 丁菊玲,刘晓洁,李涛,仰石,杨频.基于人工免疫的网络入侵动态取证[J].四川大学学报(工程科学版),2004,36(5):108-111. |
| |
| 作者姓名: | 丁菊玲 刘晓洁 李涛 仰石 杨频 |
| |
| 作者单位: | 四川大学,计算机学院,四川,成都610065 |
| |
| 基金项目: | 国家自然科学基金资助项目(60373110),教育部博士点基金资助项目 (2 0 0 3 0 6 1 0 0 0 3 ) |
| |
| 摘 要: | 为有效提取证据,保证证据的原始性和有效性,建立了基于动态克隆选择原理的入侵监控细胞以及动态取证细胞的模型,给出了自体、非自体、抗原、检测细胞以及证据的定义。监控细胞实现对网络入侵的实时监控,并及时启动取证细胞,完成对网络入侵证据的实时提取。实验表明,该模型能有效地对多种攻击进行实时证据的提取,具有自适应性、分布性、实时性等优点,是动态计算机取证的一个较好解决方案。
|
| 关 键 词: | 人工免疫 网络入侵 计算机取证 |
| 文章编号: | 1009-3087(2004)05-0108-04 |
Dynamic Computer Forensics Based on Artificial Immune System Against Network Intrusion |
| |
| DING Ju-ling,LIU Xiao-jie,LI Tao,YANG Shi,YANG Pin.Dynamic Computer Forensics Based on Artificial Immune System Against Network Intrusion[J].Journal of Sichuan University (Engineering Science Edition),2004,36(5):108-111. |
| |
| Authors: | DING Ju-ling LIU Xiao-jie LI Tao YANG Shi YANG Pin |
| |
| Abstract: | In order to fetch evidences effectively and insure their originality and validity, a new method for dynamic computer forensics is presented. A model of MoC ( Monitor Cell) based on dynamic clonal selection theory and a DFoC(Dynamic computer Forensics Cell) are defined. The definitions of "self","non-self","detection cell" and "evidence" are given out. The MoC surveils network intrusions real timely and start DFoC immediately when it finds intrusions. Thus the DFoC can collect evidences dynamicly. The experiment shows the model can effectively fetch real-time evidence of diverse attacks, and has the features of self-adaption , distribution, and real time. Therefore it is a good way for dynamic computer forensics. |
| |
| Keywords: | artificial immune system(AIS) network intrusion computer forensics |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
