
Research on an Audit Mechanism That Effectively Supports Computer Forensics (cited by: 2)

Research on Effectively Supported Computer Forensic Audit Mechanism
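Abstract: The audit mechanism is a primary way of obtaining original evidence. To address the shortcomings of current access control models in audit mechanism design, a Markov chain is used to model and predict the behavior of subjects accessing objects, to determine how suspicious the subject is for a given access, and, according to that degree of suspicion, to write the original evidence to log files of different grades. Log files generated in this way effectively reduce the space needed to store evidence and shorten the time needed for forensics.

English abstract: The audit mechanism provides a main way to obtain users' operation records, but audit mechanisms still have some deficiencies. A new audit mechanism based on a Markov model is therefore proposed. The mechanism can predict the access mode, and log files are grouped into three grades according to the prediction result, which leads to smaller storage and a shorter time to obtain evidence.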
Source: Computer Engineering (《计算机工程》), indexed in CAS, CSCD, Peking University Core; 2006, Issue 6, pp. 148-150, 153 (4 pages in total)
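Funding: National Natural Science Foundation of China project (60076015); Ministry of Personnel startup fund project for returned overseas scholars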
Keywords: computer forensics; log file; Markov model


