Authors: Niu Feifei (牛飞斐) [1], Zhang Ruoqing (张若箐) [2], Yang Yatao (杨亚涛) [3], Li Zichen (李子臣) [1,3]
Affiliations: [1] School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454003; [2] School of Telecommunications Engineering, Xidian University, Xi'an, Shaanxi 710071; [3] Department of Communication Engineering, Beijing Electronic Science and Technology Institute, Beijing 100070
Source: Computer Engineering and Design (《计算机工程与设计》), 2014, No. 3, pp. 830-834, 5 pages
Funding: National Natural Science Foundation of China (61070219)
Abstract: Whether a computer log is complete determines whether forensic evidence drawn from it is authentic. To address this problem, a log integrity detection model is designed. The model consists of two modules. The log integrity detection module mainly uses a hash function to generate, for the computer system log, a series of unique log identifiers and their serial numbers. The special linkage between the identifiers makes it possible to detect quickly whether the log has been tampered with, and the serial numbers locate precisely where the log was tampered with. Digital signature technology is also used to confirm the identity of the identifiers, preventing that identity from being forged in transmission. The trusted third party module that is introduced uses trusted hardware to improve storage security, and also ensures that log integrity detection works normally when offline, during a power outage, or under attack by an adversary. Security analysis and performance results show that the model is secure and reliable and has low computational complexity, and that it is especially efficient when checking a large number of logs.
Keywords: computer log; integrity detection model; trusted third party; hash function; unique identifier
Classification: TP302 [Automation and Computer Technology: Computer System Architecture]