面向入侵的取证系统框架
文献类型:期刊论文
| 作者 | 周博文 ; 丁丽萍 ; 王永吉 |
| 刊名 | 计算机应用研究
 |
| 出版日期 | 2008 |
| 卷号 | 25期号:4页码:1117-1119 |
| 关键词 | 入侵攻击 计算机取证 操作系统 内核 intrusion computer forensics operating system kernel |
| ISSN号 | 1001-3695 |
| 其他题名 | framework of forensic system against intrusion |
| 中文摘要 | 在分析常见入侵攻击的基础上抽象出入侵过程的一般模式,提出针对入侵攻击的取证系统应满足的特征。提出了入侵取证模型,并基于这一取证模型在操作系统内核层实现了取证系统原型KIFS(kernel intrusion forensic system)。在对实际入侵的取证实验中,根据KIFS得到的证据,成功记录并重构了一个针对FreeBSD系统漏洞的本地提升权限攻击的完整过程。 |
| 收录类别 | cscd,wanfang,cnki |
| 语种 | 中文 |
| 公开日期 | 2010-08-17 |
| 附注 | Several frequent intrusions were analyzed and a general intrusion pattern was abstracted from these attacks. Based on this abstraction of intrusion pattern, the basic characteristics of intrusion forensic system was presented. By giving the model of the forensic system against intrusion, a prototype called KIFS (kernel intrusion forensic system) based on the forensic model was implemented. In an experiment aimed at collecting evidence against a real world exploit in FreeBSD-4.3 operating system, according to the result given by KIFS, details of the intrusion were recorded succossfully and the whole incident was reconstructed. |
| 源URL | [http://124.16.136.157/handle/311060/3296]  |
| 专题 | 软件研究所_互联网软件技术实验室 _期刊论文 |
| 推荐引用方式 GB/T 7714 | 周博文,丁丽萍,王永吉. 面向入侵的取证系统框架[J]. 计算机应用研究,2008,25(4):1117-1119. |
| APA | 周博文,丁丽萍,&王永吉.(2008).面向入侵的取证系统框架.计算机应用研究,25(4),1117-1119. |
| MLA | 周博文,et al."面向入侵的取证系统框架".计算机应用研究 25.4(2008):1117-1119. |
入库方式: OAI收割
来源:软件研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。