A Filtering Method for Network Forensics Data Based on Artificial Immune Network Clustering  Cited by: 4

Filtering for network forensics data on artificial immune network clustering


Authors: 杨珺[1] 马秦生[1] 王敏[2] 刘源[1]

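Affiliations: [1] School of Electronic Information, Wuhan University, Wuhan, Hubei 430079 [2] Department 2, Communication Command Academy, Wuhan, Hubei 430010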

Source: Engineering Journal of Wuhan University (《武汉大学学报(工学版)》), 2012, No. 1, pp. 123-127 (5 pages)

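Funding: Specialized Research Fund for the Doctoral Program of Higher Education (No. 20040486049); National High Technology Research and Development Program of China (No. 2002AA1Z1490)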

Abstract: To address the excessive dependence of current network forensics data filtering methods on prior knowledge, a method for filtering network forensics data based on artificial immune network clustering is proposed. The method takes the forensic data as antigens and B cells with dynamic influence zones as the nodes of the artificial immune network. It evolves the artificial immune network according to the membership grade between the antigens and the network and the stimulation level of the B cells, and then filters the forensic data according to a filtering threshold criterion. Experimental results show that, without any prior knowledge, and with the time window and filtering threshold chosen reasonably to ensure a high detection rate, the algorithm can provide a high data compression ratio. The method can effectively establish the scope of the data to be investigated and helps improve the efficiency of forensic analysis.

Keywords: computer network security; computer crime; computer network forensics; cluster analysis; filtering; artificial immune network

Classification number: TN915.08 [Electronics and Telecommunications: Communication and Information Systems]

 
