| 基于模糊理论的实时取证模型 |
| |
| 引用本文: | 秦拯,李建辉,邹建军,綦朝晖. 基于模糊理论的实时取证模型[J]. 湖南大学学报(自然科学版), 2006, 33(4): 115-118 |
| |
| 作者姓名: | 秦拯 李建辉 邹建军 綦朝晖 |
| |
| 作者单位: | 湖南大学,软件学院,湖南,长沙,410082;东莞理工学院,广东,东莞,523808;湖南大学,软件学院,湖南,长沙,410082;东莞理工学院,广东,东莞,523808;天津大学,计算机科学与技术系,天津,300072 |
| |
| 基金项目: | 国家自然科学基金资助项目(60273070),国家高技术研究发展计划资助项目(863计划,2002AA142010) |
| |
| 摘 要: | 利用模糊理论在处理不确定性问题上的优越性,提出一种模糊实时取证模型,并开发了原型系统.可能包含入侵踪迹的信息记录都被动态地转移到安全对象M中,每种关键文件在M中都存在一个对等的映像,用来存储安全转移过来的信息记录.关键文件中信息记录mi的安全级别分为3个等级,对不同安全级别信息记录保存的时间不尽相同,以优先长时间保存那些可能存在入侵信息的记录.系统的安全性评价和实验表明,与攻击行为有关的信息记录95%以上都能动态安全地转移和智能取舍.
|
| 关 键 词: | 计算机取证 模糊控制 实时取证模型 入侵检测 |
| 文章编号: | 1000-2472(2006)04-0115-04 |
| 收稿时间: | 2006-01-12 |
| 修稿时间: | 2006-01-12 |
Real-Time Forensics Model Based on Fuzzy Theory |
| |
| QIN Zheng,LI Jian-hui,ZOU Jian-jun,QI Zhao-hui. Real-Time Forensics Model Based on Fuzzy Theory[J]. Journal of Hunan University(Naturnal Science), 2006, 33(4): 115-118 |
| |
| Authors: | QIN Zheng LI Jian-hui ZOU Jian-jun QI Zhao-hui |
| |
| Abstract: | This paper presented a real-time forensics model based on fuzzy theory,and the prototype was implemented.The model took advantage of fuzzy theory in disposing of uncertain problems.The information records,which may be suspicious intrusion information,were dynamically transferred to a secure object 'M',in which every key file had a corresponding image.To store those records longer and at first priority,the information records were of 3 various security levels.The security of the model was evaluated and testified.95 percent of the information records,which may be suspicious intrusion information,were safely transferred to an authentic place and then could be selectively stored. |
| |
| Keywords: | computer forensics fuzzy theory real-time forensics model intrusion information |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《湖南大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《湖南大学学报(自然科学版)》下载全文 |
|
