Abstract
Technologies related to computer dynamic forensics were studied, a model of a computer dynamic forensics system was proposed, and the relevant modules were designed. Based on the characteristics of dynamic forensics, data mining and multi-agent technology were combined and applied to the dynamic forensics system: the system architecture uses a distributed structure based on intelligent agents, and data mining is used to analyze the massive data involved in dynamic forensics. To address the shortcomings that basic mining algorithms may have when applied in practice to forensic analysis, corresponding improvements were proposed, and experimental analysis demonstrated the effectiveness of the improved algorithms in dynamic forensics applications.
Source
Journal of Liaoning Petrochemical University
CAS
2008, Issue 1, pp. 62-65 (4 pages)
Keywords
Computer forensics
Data mining
Dynamic forensics
Association analysis