Dynamic Network Forensic Based Plug-In Architecture

Cited by: 1
Authors
Wang, Wenqi [1]
Li, Yong [2]
Affiliations
[1] Zhongyuan Univ Technol, Coll Comp Sci, Zhengzhou 450007, Peoples R China
[2] Anyang Normal Univ, Dept Informat & Elect Engn, Anyang 455002, Peoples R China
Source
ICMECG: 2009 INTERNATIONAL CONFERENCE ON MANAGEMENT OF E-COMMERCE AND E-GOVERNMENT, PROCEEDINGS | 2009
Keywords
forensic framework; plug-in techniques; intrusion forensic
DOI
10.1109/ICMeCG.2009.122
Chinese Library Classification number
F [Economics];
Discipline classification code
02;
Abstract
Considering judicial forensic requirements and the diversity of network crime, an architecture based on XML and plug-in techniques is proposed in this paper. The framework adopts encryption and authentication technology, which ensures that collected evidence can be accepted by a court, so the original evidence in the framework is stable. Because of the diversity of network applications, the judgment of whether a network packet needs to be collected is implemented by plug-ins. Finally, based on the framework, forensics on specific information and on hacker attacks are implemented, in which the analysis for hacker attack forensics adapts an intrusion detection system such as Snort; consequently, the feasibility of the architecture is proved by experiment.
Pages: 445 / +
Number of pages: 2