Abstract
Based on an analysis of the basic principles of dynamic computer forensics and the characteristics of multi-agent systems, this paper applies multi-agent technology to computer forensics and proposes a multi-agent-based system architecture for dynamic forensics of network intrusions. With multiple kinds of agents working cooperatively, the system collects intrusion evidence in real time, accurately and comprehensively, and reconstructs the intrusion process from that real-time evidence. It thereby overcomes limitations of static forensics such as poor real-time performance and difficulty in collecting evidence.
Source
Computer Engineering and Design (《计算机工程与设计》)
CSCD
Peking University Core Journal (北大核心)
2006, Issue 11, pp. 2051-2053, 2056 (4 pages in total)