More various and effective security technology is introduced to us such as from protection technique against usual computer emergency incident like the existing intrusion detection system, firewall, intrusion prevention system to the present integrati...
다국어 입력
あ
ぁ
か
が
さ
ざ
た
だ
な
は
ば
ぱ
ま
や
ゃ
ら
わ
ゎ
ん
い
ぃ
き
ぎ
し
じ
ち
ぢ
に
ひ
び
ぴ
み
り
う
ぅ
く
ぐ
す
ず
つ
づ
っ
ぬ
ふ
ぶ
ぷ
む
ゆ
ゅ
る
え
ぇ
け
げ
せ
ぜ
て
で
ね
へ
べ
ぺ
め
れ
お
ぉ
こ
ご
そ
ぞ
と
ど
の
ほ
ぼ
ぽ
も
よ
ょ
ろ
を
ア
ァ
カ
サ
ザ
タ
ダ
ナ
ハ
バ
パ
マ
ヤ
ャ
ラ
ワ
ヮ
ン
イ
ィ
キ
ギ
シ
ジ
チ
ヂ
ニ
ヒ
ビ
ピ
ミ
リ
ウ
ゥ
ク
グ
ス
ズ
ツ
ヅ
ッ
ヌ
フ
ブ
プ
ム
ユ
ュ
ル
エ
ェ
ケ
ゲ
セ
ゼ
テ
デ
ヘ
ベ
ペ
メ
レ
オ
ォ
コ
ゴ
ソ
ゾ
ト
ド
ノ
ホ
ボ
ポ
モ
ヨ
ョ
ロ
ヲ
―
http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
예시)
- 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
- 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
А
Б
В
Г
Д
Е
Ё
Ж
З
И
Й
К
Л
М
Н
О
П
Р
С
Т
У
Ф
Х
Ц
Ч
Ш
Щ
Ъ
Ы
Ь
Э
Ю
Я
а
б
в
г
д
е
ё
ж
з
и
й
к
л
м
н
о
п
р
с
т
у
ф
х
ц
ч
ш
щ
ъ
ы
ь
э
ю
я
′
″
℃
Å
¢
£
¥
¤
℉
‰
$
%
F
₩
㎕
㎖
㎗
ℓ
㎘
㏄
㎣
㎤
㎥
㎦
㎙
㎚
㎛
㎜
㎝
㎞
㎟
㎠
㎡
㎢
㏊
㎍
㎎
㎏
㏏
㎈
㎉
㏈
㎧
㎨
㎰
㎱
㎲
㎳
㎴
㎵
㎶
㎷
㎸
㎹
㎀
㎁
㎂
㎃
㎄
㎺
㎻
㎽
㎾
㎿
㎐
㎑
㎒
㎓
㎔
Ω
㏀
㏁
㎊
㎋
㎌
㏖
㏅
㎭
㎮
㎯
㏛
㎩
㎪
㎫
㎬
㏝
㏐
㏓
㏃
㏉
㏜
㏆
RISS 인기검색어
https://www.riss.kr/link?id=T10905919
- 저자
-
발행사항
대전: 大田大學校, 2006
-
학위논문사항
학위논문(석사) -- 大田大學校 大學院 , 컴퓨터工學科 시스템소프트웨어專攻 , 2006
-
발행연도
2006
-
작성언어
한국어
-
KDC
566.88 판사항(4)
-
DDC
621.38928 판사항(21)
-
발행국(도시)
대전
-
형태사항
v, 84장: 삽화; 26 cm
-
일반주기명
참고문헌: 장 81-82
-
소장기관
- 국립중앙도서관
- 대전대학교 도서관
- 국립중앙도서관
-
0
상세조회 -
0
다운로드
부가정보
다국어 초록 (Multilingual Abstract)
More various and effective security technology is introduced to us such as from protection technique against usual computer emergency incident like the existing intrusion detection system, firewall, intrusion prevention system to the present integration management system, ESM. However we should change it by the customers' needs- they need computer forensics technology which analyzes the evidence of intruders, tracks and finally finds it - because this technology is very poor to get the evidence for the intruders and network efficiency. The computer forensics field which has been used for the investigation method before becomes more important by often computer emergency incident. Confidence and integrity of incident system in forensics was recognized importantly, since it has been performed as an evidence however at this time also it is made much account of the prompt judgement and correspondence against the incident.
ESM is a method to strengthen security and also gathers and manages log of each agent. For analyzing this, it provides a manger with log information. The gathered information could be legal evidence but it shows a boundary because of shortage of integrity and insufficiency of analysis technology. Integrated security management system has no problem in load management side because it transmits just the existing fixed log but, but the system, which supports computer forensic, needs to load management function because it must transmit high capacity files such as disk image.
We classify the digital evidence management by module such as evidence charge module, evidence analysis module, agent management module, infringement accident confrontation module. We also design and implement the system to overcome the limit of integrated security management system above in this paper. We implement the system focusing on database, which guarantees the integrity of evidence and stores it, and load balancing of digital evidence management system. As a result of performance evaluation for verification, this system was far superior to general integrated security management system in the side of resource utilization. We know it mostly supports the functions of computer forensic.
ESM is a method to strengthen security and also gathers and manages log of each agent. For analyzing this, it provides a manger with log information. The gathered information could be legal evidence but it shows a boundary because of shortage of integrity and insufficiency of analysis technology. Integrated security management system has no problem in load management side because it transmits just the existing fixed log but, but the system, which supports computer forensic, needs to load management function because it must transmit high capacity files such as disk image.
We classify the digital evidence management by module such as evidence charge module, evidence analysis module, agent management module, infringement accident confrontation module. We also design and implement the system to overcome the limit of integrated security management system above in this paper. We implement the system focusing on database, which guarantees the integrity of evidence and stores it, and load balancing of digital evidence management system. As a result of performance evaluation for verification, this system was far superior to general integrated security management system in the side of resource utilization. We know it mostly supports the functions of computer forensic.
More various and effective security technology is introduced to us such as from protection technique against usual computer emergency incident like the existing intrusion detection system, firewall, intrusion prevention system to the present integration management system, ESM. However we should change it by the customers' needs- they need computer forensics technology which analyzes the evidence of intruders, tracks and finally finds it - because this technology is very poor to get the evidence for the intruders and network efficiency. The computer forensics field which has been used for the investigation method before becomes more important by often computer emergency incident. Confidence and integrity of incident system in forensics was recognized importantly, since it has been performed as an evidence however at this time also it is made much account of the prompt judgement and correspondence against the incident.
ESM is a method to strengthen security and also gathers and manages log of each agent. For analyzing this, it provides a manger with log information. The gathered information could be legal evidence but it shows a boundary because of shortage of integrity and insufficiency of analysis technology. Integrated security management system has no problem in load management side because it transmits just the existing fixed log but, but the system, which supports computer forensic, needs to load management function because it must transmit high capacity files such as disk image.
We classify the digital evidence management by module such as evidence charge module, evidence analysis module, agent management module, infringement accident confrontation module. We also design and implement the system to overcome the limit of integrated security management system above in this paper. We implement the system focusing on database, which guarantees the integrity of evidence and stores it, and load balancing of digital evidence management system. As a result of performance evaluation for verification, this system was far superior to general integrated security management system in the side of resource utilization. We know it mostly supports the functions of computer forensic.
목차 (Table of Contents)
- 제 1 장 서 론 = 1
- 1.1 연구 배경 = 1
- 1.2 연구 목적 = 3
- 1.3 연구 내용 및 논문 구성 = 6
- 제 2 장 관련 연구 = 7
- 제 1 장 서 론 = 1
- 1.1 연구 배경 = 1
- 1.2 연구 목적 = 3
- 1.3 연구 내용 및 논문 구성 = 6
- 제 2 장 관련 연구 = 7
- 2.1 ESM = 7
- 2.1.1 ESM 개요 = 7
- 2.1.2 ESM 구성요소 = 9
- 2.1.3 ESM 동향 = 11
- 2.2 컴퓨터 포렌식스 = 16
- 2.2.1 컴퓨터 포렌식스 개요 = 16
- 2.2.2 컴퓨터 포렌식스 국내외 동향 = 22
- 2.2.3 컴퓨터 포렌식스 도구 문제점 = 26
- 2.3 증거관리 요구사항 분석 = 28
- 제 3 장 전자적 증거관리 시스템 설계 및 구현 = 32
- 3.1 전자적 증거관리 시스템 개요 = 32
- 3.2 전자적 증거관리 시스템 구성도 = 39
- 3.2.1 시스템 세부 구성요소 = 39
- 3.2.2 연계 시스템 = 41
- 3.3 전자적 증거관리 시스템의 동작 시나리오 = 44
- 3.4 설계 및 구현 = 47
- 3.4.1 증거 보관 모듈 = 48
- 3.4.2 증거 분석 모듈 = 53
- 3.4.3 에이전트 관리 모듈 = 57
- 3.4.4 침해사고 대응 모듈 = 66
- 제 4 장 실험 결과 및 분석 = 67
- 4.1 실험 환경 = 67
- 4.1.1 침입 탐지 시스템 실행 = 68
- 4.1.2 실험을 위한 공격 = 69
- 4.1.3 증거수집 시스템 = 70
- 4.2 전자적 증거관리 시스템 실행 = 71
- 4.2.1 증거 보관 모듈 = 71
- 4.2.2 증거 분석 모듈 = 72
- 4.2.3 에이전트 관리 모듈 = 74
- 4.2.4 침해사고 대응 모듈 = 75
- 4.3 결과 분석 = 76
- 4.3.1 에이전트 관리 모듈 성능 평가 = 76
- 4.3.2 전자적 증거관리 시스템 성능 평가 = 79
- 제 5 장 결론 = 80
- 참고문헌 = 81
- Abstract = 83
분석정보
이 자료와 함께 이용한 RISS 자료
나만을 위한 추천자료
