Title :
Dynamically real-time computer forensics paradiam with immune
Author :
Peng Ling-xi ; Zhang Qun-yan
Author_Institution :
Sch. of Comput. Sci. & Eng., South China Univ. of Technol., Guangzhou, China
Abstract :
Computer forensics is the crucial technology against computer crimes. However, existing forensics methods or technology are inefficient and their stringencies are poor. This paper proposed a novel dynamic computer forensics model (DAIP) based on artificial immune and real-time network fatalness, which can vivify the crime scene. The definitions of self, non-self, and immunocyte in the network transactions were first given. Then, with the evolvement of mature detector and immature detector, the real-time network fatalness evaluation equations were built up, which can exactly compute holistic and each network attack of the host and network. Finally, computer forensics was carried out according to the value of real-time network fatalness and attack intensity. Both the theory analysis and experimental results prove that DAIP can primly reproduce the crime scene and acquire efficient evidence with low technique require to the technicians, which will provide a novel method for the computer forensics in the future application.
Keywords :
computer crime; computer network security; digital forensics; DAIP; artificial immune; attack intensity; computer crimes; crime scene; dynamic computer forensics model; dynamically real-time computer forensics paradiam; forensics methods; immature detector; real-time network fatalness evaluation equations; Abstracts; Computational modeling; Computers; Detectors; Forensics; Parallel processing; Robustness; artificial immune; computer crime; computer forensics; network security;
Conference_Titel :
Signal Processing (ICSP), 2014 12th International Conference on
Conference_Location :
Hangzhou
Print_ISBN :
978-1-4799-2188-1
DOI :
10.1109/ICOSP.2014.7015246
