摘要
对复杂信息系统的业务用户行为和网络取证进行了研究,结合木马技术提出了基于业务用户行为的计算机动态取证评估模型,该模型构建了基于云模型的业务用户行为定量评估方法。通过仿真实验验证了模型评估的合理性,同时验证了该模型能实时隐蔽地记录用户行为,并能确保将获取的信息反馈给取证控制端,为计算机动态取证的研究提供了一种可行的技术方案。
A dynamic computer forensic model based on business user's behavior is proposed under the research background of complex network environment of information system. This model, which adopts the Trojans theory, provides a method of quantitative evaluation of business user's behavior based on cloud model theory. The rationality of the model's evaluation is verified through simulation tests. At the meantime, it is proved that the model is able to record the business user's behavior covertly and real-timely, and ensure that the obtained evidence can be fed beck to the control terminal, offering a feasible technical approach to the research of computer forensics.
出处
《电子科技大学学报》
EI
CAS
CSCD
北大核心
2015年第6期921-927,共7页
Journal of University of Electronic Science and Technology of China
基金
国家自然科学基金(61175055)
四川省重点科技研究发展计划(2011FZ0051)
工信部无线电管理局项目([2011]146)
关键词
行为评估
业务用户行为
云模型
计算机动态取证
信任云
behavior evaluation
business user behavior
cloud model theory
dynamic computer forensic
trust cloud