Title :
Dynamical Network Forensics Based on Immune Agent
Author :
Wang, Diangang ; Li, Tao ; Liu, Sunjun ; Zhang, Jianhua ; Liu, Caiming
Author_Institution :
Sichuan Univ., Chengdu
Abstract :
Current network forensics systems are static and not real-time. In order to overcome the shortages, a dynamical network forensics model based on artificial immune theory and multi-agent theory, referred to as DNF, is introduced here. Comparing with traditional computer forensics methods, the new method provides the capacity that gathering real-time evidence dynamically as soon as network intrusions take place and saving the evidence in a safe way to prepare for the collection and analysis of the original evidence. In this paper, architecture of the model and the definitions of its components inspired by the immunity theory are given out. The experiment shows that it is able to insure the authenticity, integrality and validity of the digital evidence, and it is a new method for dynamic computer forensics.
Keywords :
artificial immune systems; computer networks; multi-agent systems; telecommunication computing; telecommunication security; artificial immune theory; dynamical network forensics model; immune agent; multiagent theory; network intrusions; Artificial immune systems; Computer networks; Computer science; Forensics; Humans; Immune system; Intrusion detection; Pathogens; Protection; Real time systems;
Conference_Titel :
Natural Computation, 2007. ICNC 2007. Third International Conference on
Conference_Location :
Haikou
Print_ISBN :
978-0-7695-2875-5
DOI :
10.1109/ICNC.2007.345
