电子科技大学学报
電子科技大學學報
전자과기대학학보
Journal of University of Electronic Science and Technology of China
2015年
6期
921-927
,共7页
王丹琛%张仕斌%徐扬%许宁
王丹琛%張仕斌%徐颺%許寧
왕단침%장사빈%서양%허저
行为评估%业务用户行为%云模型%计算机动态取证%信任云
行為評估%業務用戶行為%雲模型%計算機動態取證%信任雲
행위평고%업무용호행위%운모형%계산궤동태취증%신임운
behavior evaluation%business user behavior%cloud model theory%dynamic computer forensic%trust cloud
对复杂信息系统的业务用户行为和网络取证进行了研究,结合木马技术提出了基于业务用户行为的计算机动态取证评估模型,该模型构建了基于云模型的业务用户行为定量评估方法。通过仿真实验验证了模型评估的合理性,同时验证了该模型能实时隐蔽地记录用户行为,并能确保将获取的信息反馈给取证控制端,为计算机动态取证的研究提供了一种可行的技术方案。
對複雜信息繫統的業務用戶行為和網絡取證進行瞭研究,結閤木馬技術提齣瞭基于業務用戶行為的計算機動態取證評估模型,該模型構建瞭基于雲模型的業務用戶行為定量評估方法。通過倣真實驗驗證瞭模型評估的閤理性,同時驗證瞭該模型能實時隱蔽地記錄用戶行為,併能確保將穫取的信息反饋給取證控製耑,為計算機動態取證的研究提供瞭一種可行的技術方案。
대복잡신식계통적업무용호행위화망락취증진행료연구,결합목마기술제출료기우업무용호행위적계산궤동태취증평고모형,해모형구건료기우운모형적업무용호행위정량평고방법。통과방진실험험증료모형평고적합이성,동시험증료해모형능실시은폐지기록용호행위,병능학보장획취적신식반궤급취증공제단,위계산궤동태취증적연구제공료일충가행적기술방안。
A dynamic computer forensic model based on business user’s behavior is proposed under the research background of complex network environment of information system. This model, which adopts the Trojans theory, provides a method of quantitative evaluation of business user’s behavior based on cloud model theory. The rationality of the model’s evaluation is verified through simulation tests. At the meantime, it is proved that the model is able to record the business user’s behavior covertly and real-timely, and ensure that the obtained evidence can be fed beck to the control terminal, offering a feasible technical approach to the research of computer forensics.
