Modeling and Analyzing Dynamic Forensics System Based on Intrusion Tolerance

4 Author(s)
Lin Chen ; Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan, China ; Zhitang Li ; Cuixia Gao ; Yingshu Liu

As an important part of computer forensics, network forensics places particular emphasis on dynamic network information collection and proactive defense. Most forensics systems based on intrusion detection or honeypots rarely emphasize the availability of the actual servers. In addition, few of them specifically discuss the occasion for dynamic forensics. The work presented in this paper is based on the idea of assisting dynamic forensics with intrusion tolerance and deception technology, to enhance the availability of the server system and to gather more useful evidence on a proper occasion. A mechanism of dynamic forensics based on intrusion forensics is proposed and modeled with a finite state machine. The workflow is described. A semi-Markov process based on the embedded Markov chain of the state transition model is built and described. Finally, the forensics capability and server availability are analyzed. According to the numerical analysis result, the security performance and forensics capability of the forensics system are enhanced to a certain degree.

Published in:

Computer and Information Technology, 2009. CIT '09. Ninth IEEE International Conference on (Volume: 2)

Date of Conference:

11-14 Oct. 2009