국립중앙도서관 "우편 복사 서비스"로 연결 됩니다.
From the Protection Technology for general Incident such as the existing Intrusion Detection/Firewall/Prevention system to the present ESM(Enterprise Security Management), more various and effective Security Technologies have been presented. However, ...
다국어 입력
あ
ぁ
か
が
さ
ざ
た
だ
な
は
ば
ぱ
ま
や
ゃ
ら
わ
ゎ
ん
い
ぃ
き
ぎ
し
じ
ち
ぢ
に
ひ
び
ぴ
み
り
う
ぅ
く
ぐ
す
ず
つ
づ
っ
ぬ
ふ
ぶ
ぷ
む
ゆ
ゅ
る
え
ぇ
け
げ
せ
ぜ
て
で
ね
へ
べ
ぺ
め
れ
お
ぉ
こ
ご
そ
ぞ
と
ど
の
ほ
ぼ
ぽ
も
よ
ょ
ろ
を
ア
ァ
カ
サ
ザ
タ
ダ
ナ
ハ
バ
パ
マ
ヤ
ャ
ラ
ワ
ヮ
ン
イ
ィ
キ
ギ
シ
ジ
チ
ヂ
ニ
ヒ
ビ
ピ
ミ
リ
ウ
ゥ
ク
グ
ス
ズ
ツ
ヅ
ッ
ヌ
フ
ブ
プ
ム
ユ
ュ
ル
エ
ェ
ケ
ゲ
セ
ゼ
テ
デ
ヘ
ベ
ペ
メ
レ
オ
ォ
コ
ゴ
ソ
ゾ
ト
ド
ノ
ホ
ボ
ポ
モ
ヨ
ョ
ロ
ヲ
―
http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
예시)
- 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
- 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
А
Б
В
Г
Д
Е
Ё
Ж
З
И
Й
К
Л
М
Н
О
П
Р
С
Т
У
Ф
Х
Ц
Ч
Ш
Щ
Ъ
Ы
Ь
Э
Ю
Я
а
б
в
г
д
е
ё
ж
з
и
й
к
л
м
н
о
п
р
с
т
у
ф
х
ц
ч
ш
щ
ъ
ы
ь
э
ю
я
′
″
℃
Å
¢
£
¥
¤
℉
‰
$
%
F
₩
㎕
㎖
㎗
ℓ
㎘
㏄
㎣
㎤
㎥
㎦
㎙
㎚
㎛
㎜
㎝
㎞
㎟
㎠
㎡
㎢
㏊
㎍
㎎
㎏
㏏
㎈
㎉
㏈
㎧
㎨
㎰
㎱
㎲
㎳
㎴
㎵
㎶
㎷
㎸
㎹
㎀
㎁
㎂
㎃
㎄
㎺
㎻
㎽
㎾
㎿
㎐
㎑
㎒
㎓
㎔
Ω
㏀
㏁
㎊
㎋
㎌
㏖
㏅
㎭
㎮
㎯
㏛
㎩
㎪
㎫
㎬
㏝
㏐
㏓
㏃
㏉
㏜
㏆
RISS 인기검색어
컴퓨터 포렌식스를 지원하는 증거 수집 시스템 설계 및 구현 = Design and implementation of evidence collection system for computer forensics
한글로보기https://www.riss.kr/link?id=T9873434
- 저자
-
발행사항
대전 : 大田大學校 大學院, 2004
-
학위논문사항
학위논문(석사) -- 대전대학교 대학원 , 컴퓨터공학과 시스템소프트웨어전공 , 2005. 2
-
발행연도
2004
-
작성언어
한국어
-
주제어
컴퓨터 ; 포렌식스 ; 증거 수집 ; computer forensics
-
KDC
566.88 판사항(4)
-
발행국(도시)
대전
-
형태사항
ⅴ, 99p. : 삽도 ; 26cm.
-
일반주기명
참고문헌: p. 94-97
-
소장기관
-
0
상세조회 -
0
다운로드
부가정보
다국어 초록 (Multilingual Abstract)
From the Protection Technology for general Incident such as the existing Intrusion Detection/Firewall/Prevention system to the present ESM(Enterprise Security Management), more various and effective Security Technologies have been presented. However, the needs for Computer Forensics Technology is on the increase, which chases and analyses evidences of the intruder because in the case of these technologies, there are many poor things for the evidence taking of the intruder and network efficiency. Computer Forensics which has been used for a search method becomes more important in individuals' cases by frequently happened Incident. The integrity and reliability of the process was important because Victim system of Forensics played an important role as evidence, but quick judgment and confrontation for an event are getting more important too. However the existing Forensics tools were used as just simple methods. Therefore, in order to cope with the Hacking Incident we need the development of integrated forensics system adding the technology to collect and analysis evidences with the response technology. And also, it is needed the system which can take and analysis legal evidences quickly even if he is not a professional.
In this paper, we present the system which provides automated and integrated technologies by setting a relation as Manager, correspondence interface and Agent according to given Computer Forensics process and we concrete the evidence collecting system. Central Manager analyses and guesses the gained evidences by each agent and can get the legal evidences easily through Manager even though Agent manager is not a professional which can analysis and guess evidences. Correspondence interface performs Integrity, storage and transportation of gained evidences and can get originality and authenticity of the digital evidences. And Agent is added to not only evidence collecting technology also intrusion detection technology so it is possible to cope with a intrusion directly moving together with Trace Back System.
And also, the above processes are all programmed by computers and they are free to Hearsay Rule as direct evidences of Evidence Law and therefore they can be admitted to the evidence efficiency.
In this paper, we present the system which provides automated and integrated technologies by setting a relation as Manager, correspondence interface and Agent according to given Computer Forensics process and we concrete the evidence collecting system. Central Manager analyses and guesses the gained evidences by each agent and can get the legal evidences easily through Manager even though Agent manager is not a professional which can analysis and guess evidences. Correspondence interface performs Integrity, storage and transportation of gained evidences and can get originality and authenticity of the digital evidences. And Agent is added to not only evidence collecting technology also intrusion detection technology so it is possible to cope with a intrusion directly moving together with Trace Back System.
And also, the above processes are all programmed by computers and they are free to Hearsay Rule as direct evidences of Evidence Law and therefore they can be admitted to the evidence efficiency.
From the Protection Technology for general Incident such as the existing Intrusion Detection/Firewall/Prevention system to the present ESM(Enterprise Security Management), more various and effective Security Technologies have been presented. However, the needs for Computer Forensics Technology is on the increase, which chases and analyses evidences of the intruder because in the case of these technologies, there are many poor things for the evidence taking of the intruder and network efficiency. Computer Forensics which has been used for a search method becomes more important in individuals' cases by frequently happened Incident. The integrity and reliability of the process was important because Victim system of Forensics played an important role as evidence, but quick judgment and confrontation for an event are getting more important too. However the existing Forensics tools were used as just simple methods. Therefore, in order to cope with the Hacking Incident we need the development of integrated forensics system adding the technology to collect and analysis evidences with the response technology. And also, it is needed the system which can take and analysis legal evidences quickly even if he is not a professional.
In this paper, we present the system which provides automated and integrated technologies by setting a relation as Manager, correspondence interface and Agent according to given Computer Forensics process and we concrete the evidence collecting system. Central Manager analyses and guesses the gained evidences by each agent and can get the legal evidences easily through Manager even though Agent manager is not a professional which can analysis and guess evidences. Correspondence interface performs Integrity, storage and transportation of gained evidences and can get originality and authenticity of the digital evidences. And Agent is added to not only evidence collecting technology also intrusion detection technology so it is possible to cope with a intrusion directly moving together with Trace Back System.
And also, the above processes are all programmed by computers and they are free to Hearsay Rule as direct evidences of Evidence Law and therefore they can be admitted to the evidence efficiency.
목차 (Table of Contents)
- 목차 = ⅰ
- 제1장 서론 = 1
- 1.1 연구 배경 = 1
- 1.2 연구 목적 = 3
- 1.3 연구 내용 및 논문 구성 = 6
- 목차 = ⅰ
- 제1장 서론 = 1
- 1.1 연구 배경 = 1
- 1.2 연구 목적 = 3
- 1.3 연구 내용 및 논문 구성 = 6
- 제2장 관련연구 = 7
- 2.1 컴퓨터 포렌식스 = 7
- 2.1.1 컴퓨터 포렌식스 개요 = 7
- 2.1.2 컴퓨터 포렌식스 절차 = 9
- 2.1.3 컴퓨터 포렌식스 국내외 동향 = 12
- 2.2 컴퓨터 포렌식스 도구 = 15
- 2.2.1 통합적인 기능의 도구 = 15
- 2.2.2 부분적인 기능의 도구 = 21
- 2.2.3 포렌식스를 지원하는 유틸리티 = 23
- 2.2.4 컴퓨터 포렌식스 도구의 문제점 = 28
- 2.3 요구사항 분석 = 30
- 2.3.1 컴퓨터 포렌식스 도구 요구사항 = 32
- 2.3.2 컴퓨터 포렌식스 시스템 요구사항 = 35
- 제3장 증거수집 시스템 설계 및 구현 = 38
- 3.1 컴퓨터 포렌식스 시스템 개요 = 38
- 3.2 컴퓨터 포렌식스 시스템 구성도 = 45
- 3.2.1 증거수집 시스템 구성도 = 47
- 3.2.2 MTBS(Marking Traceback System) = 48
- 3.2.3 네트워크 포렌식스 도구 = 49
- 3.2.4 관리시스템(Manager) = 51
- 3.3 컴퓨터 포렌식스 시스템의 동작 시나리오 = 53
- 3.4 증거수집 시스템 세부 설계 및 구현 = 56
- 3.4.1 통신 인터페이스 = 57
- 3.4.2 탐지모듈 = 64
- 3.4.3 휘발성 자료수집 모듈 = 70
- 3.4.4 이미지 생성 모듈 = 73
- 3.4.5 무결성 검증 모듈 = 74
- 3.4.6 역추적 모듈 = 76
- 제4장 실험 결과 및 분석 = 78
- 4.1 실험 환경 = 78
- 4.1.1 증거수집 시스템 설치 = 79
- 4.1.2 실험을 위한 공격 = 81
- 4.2 증거수집 시스템 실행 = 84
- 4.3 결과 분석 = 91
- 제5장 결론 및 향후 연구 과제 = 93
- 참고문헌 = 94
- ABSTRACT = 98
분석정보
이 자료와 함께 이용한 RISS 자료
나만을 위한 추천자료
