{"title":"基于插件架构的动态网络取证","authors":"Wenqi Wang, Yong Li","doi":"10.1109/ICMECG.2009.122","DOIUrl":null,"url":null,"abstract":"Considering on judicial forensic requirements and the character of network crime diversity, a architecture basedon XML and plug-in techniques is proposed in this paper. The framework adopts encrypt and authentication technologywhich ensures collected evidence can be accepted by court, so the original evidence in framework is stability. Because of the network application’s diversity, the judgment whether the network packet need collect is implemented by plug-in. Finally, based on the framework, the forensic on specifically information and hacker attack are implemented, in which the analyzing of hacker attack forensic adapts intrusion detection system such as snort, consequently, feasibility of architecture is proved by experiment.","PeriodicalId":252323,"journal":{"name":"2009 International Conference on Management of e-Commerce and e-Government","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-09-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Dynamic Network Forensic Based Plug-In Architecture\",\"authors\":\"Wenqi Wang, Yong Li\",\"doi\":\"10.1109/ICMECG.2009.122\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Considering on judicial forensic requirements and the character of network crime diversity, a architecture basedon XML and plug-in techniques is proposed in this paper. The framework adopts encrypt and authentication technologywhich ensures collected evidence can be accepted by court, so the original evidence in framework is stability. Because of the network application’s diversity, the judgment whether the network packet need collect is implemented by plug-in. 
Finally, based on the framework, the forensic on specifically information and hacker attack are implemented, in which the analyzing of hacker attack forensic adapts intrusion detection system such as snort, consequently, feasibility of architecture is proved by experiment.\",\"PeriodicalId\":252323,\"journal\":{\"name\":\"2009 International Conference on Management of e-Commerce and e-Government\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-09-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 International Conference on Management of e-Commerce and e-Government\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICMECG.2009.122\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Conference on Management of e-Commerce and e-Government","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICMECG.2009.122","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Dynamic Network Forensic Based Plug-In Architecture
Considering judicial forensic requirements and the diversity of network crime, this paper proposes an architecture based on XML and plug-in techniques. The framework adopts encryption and authentication technology, which ensures that collected evidence can be accepted by a court, so the original evidence in the framework is stable. Because network applications are diverse, the judgment of whether a network packet needs to be collected is implemented by plug-ins. Finally, based on the framework, forensics on specific information and on hacker attacks are implemented; the analysis for hacker-attack forensics adapts an intrusion detection system such as Snort. The feasibility of the architecture is thus proved by experiment.