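Abstract
Computer forensics is gradually becoming a hot topic of research and development abroad, but domestically there are only a few research articles on it. An important aspect of network security technology is the detection and forensic analysis of intrusion events. This paper makes some attempts at network-based forensic analysis: under the Linux operating system, it combines host-based and network-based intrusion detection techniques to develop an efficient and practical web-based intrusion detection and forensics system. It gives the overall structure of the system, the design and implementation methods of the main modules, and the key data structures. The system can display intrusion events and forensic information in an intuitive, user-friendly graphical form.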
Computer forensics is now attracting researchers and developers abroad but has been studied little domestically, and computer forensics products are primarily host-based. This paper develops, under Linux, a web-based computer forensics system that is based on both host and network. It presents the structure of the system, the design and implementation of the key modules, and the key data structures. This intrusion detection and forensics system can display all the information in a friendly chart mode.
Source
《计算机应用》
CSCD
PKU Core (Peking University Core Journals)
2003, Issue 5, pp. 50-52 (3 pages)
Journal of Computer Applications