Name
Abstract | ||
|---|---|---|
With the development of intrusion technologies, dynamic forensics is becoming more and more important. Dynamic forensics using IDS or honeypot are all based on a common hypothesis that the system is still in a reliable working situation and collected evidences are believable even if the system is suffered from intrusion. In fact, the system has already transferred into an insecurity and unreliable state, it is uncertain that whether the intrusion detectors and investigators could run as normal and whether the obtained evidences are credible. Although intrusion tolerance has been applied in many areas of security for years, few researches are referred to network forensics. The work presented in this paper is based on an idea to integrate intrusion tolerance into dynamic forensics to make the system under control, ensure the reliability of evidences and aim to gather more useful evidences for investigation. A mechanism of dynamic forensics based on intrusion forensics is proposed. This paper introduces the architecture of the model which uses IDS as tolerance and forensics trigger and honeypot as shadow server, the finite state machine model is described to specify the mechanism, and then two cases are analyzed to illuminate the mechanism. |
Year | DOI | Venue |
|---|---|---|
2009 | 10.1109/ISPA.2009.66 | ISPA |
Keywords | Field | DocType |
finite state machines,honeypot,integrate intrusion tolerance,finite state machine,security,intrusion detection system,network forensics,evidence reliability,finite state machine model,intrusion tolerance,dynamic forensics,security of data,intrusion detection,servers,automata,real time systems,computer architecture,forensics | Honeypot,Intrusion,Network forensics,Computer science,Computer security,Automaton,Server,Finite-state machine,Intrusion tolerance,Intrusion detection system | Conference |
Volume | Issue | ISBN |
null | null | 978-0-7695-3747-4 |
Citations | PageRank | References |
2 | 0.41 | 5 |
Authors | ||
4 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Lin Chen | 1 | 12 | 1.71 |
| Zhitang Li | 2 | 226 | 31.89 |
| Cuixia Gao | 3 | 22 | 2.00 |
| Lan Liu | 4 | 2 | 0.41 |