论文信息 - A Computer Forensics Model Based On Danger Theory

A Computer Forensics Model Based On Danger Theory

To effectively collect electronic evidences of computer crime, a novel danger theory based computer dynamic model (Demed) is proposed. With definitions of self, non-self and detector, the intrusion detection sub-model is given, which is composed of memory cell set, mature cells set, and immature cells set. Then, the danger theory based computer dynamic forensics sub-model is further given. Both the theory analysis and experimental results show that Demed provides an effective approach for computer dynamic forensics.

[1] Alan S. Perelson,et al. Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[2] Li Tao. An Immune Based Model for Network Monitoring , 2006 .

[3] Andy Spruill,et al. Tackling the U3 trend with computer forensics , 2007, Digit. Investig..

[4] Yang Pin. Dynamic Computer Forensics Based on Artificial Immune System Against Network Intrusion , 2004 .

[5] F. Burnet. The clonal selection theory of acquired immunity , 1959 .

[6] Guan Xiaohong,et al. Quantitative Hierarchical Threat Evaluation Model for Network Security , 2006 .

[7] Vicki Miller Luoma,et al. Computer forensics and electronic discovery: The new management challenge , 2006, Comput. Secur..

[8] P. Matzinger. The Danger Model: A Renewed Sense of Self , 2002, Science.

[9] Wu-chi Feng,et al. Automatic high-performance reconstruction and recovery , 2007, Comput. Networks.

[10] Tao Li,et al. An immunity based network security risk estimation , 2005, Science in China Series F: Information Sciences.

[11] Li Tao,et al. Dynamic Network Forensics Based on Immune Agent System , 2006 .