基于入侵检测的主动取证的研究和实现方法.docxVIP

基于入侵检测的主动取证的研究和实现方法 Active forensics method based on intrusion detection system [source: | : 2008-07-30 | : 3 | comments: 0 | fonts: large medium small] Abstract: in order to keep the valuable evidence and implement the larger data reduction, an active evidence is designed to select the storage method. Security incidents are classified according to the IDS logs, selected according to different types of security incidents and storage of different network data stored as evidence, evidence quantity and price of compromise? Keywords: take the initiative; Intrusion detection system; Computer evide