| 基于免疫Agent的计算机动态取证 |
| |
| 引用本文: | 王电钢,李涛,刘孙俊,王铁方.基于免疫Agent的计算机动态取证[J].武汉大学学报(理学版),2006,52(5):527-531. |
| |
| 作者姓名: | 王电钢 李涛 刘孙俊 王铁方 |
| |
| 作者单位: | 1. 四川大学,计算机学院,四川,成都,610065;四川省电力公司培训中心,四川,成都,610072
2. 四川大学,计算机学院,四川,成都,610065 |
| |
| 基金项目: | 国家自然科学基金;教育部跨世纪优秀人才培养计划;高等学校博士学科点专项科研项目 |
| |
| 摘 要: | 针对目前计算机取证技术因为取证时间的滞后而缺乏实效性的不足,提出了一种基于人工免疫原理和Multi—Agent理论的计算机动态取证方法.该方法结合了人工免疫系统在入侵检测中的优势及Multi-Agent系统在体系结构上的分布式特点,能够在网络攻击一旦发生的时候动态地收集实时数字证据,并通过安全有效的方式将证据及时、完整地加以保存,为证据的收集和分析工作提供可信的原始数据.同时能够确保数字证据安全有效地传输及保存.实验表明该方法能够确保证据的真实、完整和有效,为计算机动态取证的实现提供了一种新的思路.
|
| 关 键 词: | 人工免疫系统 免疫Agent 动态取证 |
| 文章编号: | 1671-8836(2006)05-0527-05 |
| 修稿时间: | 2006年4月11日 |
Dynamic Network Forensics Based on Immune Agent System |
| |
| WANG Diangang,LI Tao,LIU Sunjun,WANG Tiefang.Dynamic Network Forensics Based on Immune Agent System[J].JOurnal of Wuhan University:Natural Science Edition,2006,52(5):527-531. |
| |
| Authors: | WANG Diangang LI Tao LIU Sunjun WANG Tiefang |
| |
| Abstract: | Current network forensics systems are static and not real-time.In order to overcome the shortages,a new forensics model based on artificial immune theory and multi-agent theory is introduced here.Comparing with traditional computer forensics methods,the new method combines the advantages of a Intrusion Detect System based on immunology and a distributed system organized as Multi-Agent system.It provides the capacity that gathering real-time evidence dynamically as soon as network intrusions take place and saving the evidence in a safe way to prepare for the collection and analysis of the original data.In this paper,architecture of the model and the definitions of its components are given out.The experiment shows that it is able to insure the authenticity,integrality and validity of the digital evidence,and it is a new method for dynamic computer forensics. |
| |
| Keywords: | artificial immune system immune Agent dynamic network forensics |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
