Authors: 孙皓, 彭正冲, 王强[1], 张中雷 (SUN Hao; PENG Zhengchong; WANG Qiang; ZHANG Zhonglei), No.30 Institute of CETC, Chengdu, Sichuan 610041, China
Affiliation: [1] No.30 Institute of CETC (中国电子科技集团公司第三十研究所), Chengdu, Sichuan 610041
Source: 《信息安全与通信保密》 (Information Security and Communications Privacy), 2025, No. 3, pp. 89-99, 11 pages in total
Abstract: In the face of increasingly complex and covert cyber attacks, the demand for security analysis and for forensics and accountability continues to grow. Building on the typical "collection, storage, analysis" workflow of electronic forensics, this paper proposes a solution for the comprehensive analysis of cyber attacks based on electronic forensics. Through forensic means such as diverse electronic evidence collection, secure electronic evidence storage, and intelligent electronic evidence analysis, it accomplishes comprehensive inspection, secure fixation, and precise analysis of electronic evidence, and can provide pre-incident warning, real-time detection during an incident, and post-incident forensics for cyber attacks. Taking the network environment of an enterprise local area network as an example, the paper also carries out the application practice and effectiveness evaluation of the comprehensive cyber attack analysis system based on electronic forensics, which can serve as a reference for its deployment.
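Keywords: electronic forensics; electronic evidence; network security; evidence collection; forensic analysis
Classification number: TN919 [Electronics and Telecommunications: Communication and Information Systems]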