On-demand Evidence Collection of Host Infringement based on the Analysis of Severity levels

(Korean title: A Method for On-demand Collection of Host Infringement Evidence Based on Risk-Level Analysis)

  • Published: 2006.06.21

Abstract

Computer forensics is a research area that identifies malicious users by collecting and analyzing evidence of intrusions or infringements in computer crimes. Much research has been done on computer forensics, but it has focused on how to collect evidence after damage reports have been received from computer users or network administrators. This paper describes how to collect evidence of good quality at the moment the infringement is committed by the malicious user. By calculating an infringement severity for the observed and protected hosts and referring to this value, we collect the evidence at the time the infringement occurs, which minimizes modification of the evidence before it is captured. We can also reduce the amount of log data needed to analyze the infringement and minimize the loss of evidence.
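As an added illustration of the severity-driven, on-demand collection the abstract describes (this is not the paper's own code; the event weights, the threshold, the reset-after-collection policy and the sample events are all assumptions constructed here), the following Python sketch scores events per host and, when a host's score crosses the threshold, freezes the recent context as an evidence record sealed with a SHA-256 digest so that later modification can be detected:

```python
"""Severity-driven on-demand evidence collection (added illustration).

This is not the paper's algorithm. The event weights, the threshold, the
reset-after-collection policy and the sample events below are assumptions
constructed for demonstration only.
"""
import hashlib
import json
from dataclasses import dataclass, field

# Assumed per-event severity weights (not taken from the paper).
WEIGHTS = {
    "failed_login": 1,
    "successful_login_after_failures": 4,
    "new_listener": 3,
    "outbound_c2_beacon": 5,
    "privilege_escalation": 6,
}
THRESHOLD = 8  # assumed trigger level for on-demand collection

# Constructed sample events: (timestamp, host, event_type, detail).
SAMPLE_EVENTS = [
    (1, "web01", "failed_login", "root from 203.0.113.5"),
    (2, "web01", "failed_login", "root from 203.0.113.5"),
    (3, "db01", "failed_login", "app from 10.0.0.7"),
    (4, "web01", "successful_login_after_failures", "root from 203.0.113.5"),
    (5, "web01", "privilege_escalation", "uid 1001 -> 0 via setuid binary"),
    (6, "db01", "new_listener", "tcp/4444 bound by /tmp/.x"),
    (7, "web01", "outbound_c2_beacon", "to 198.51.100.9:443"),
]


@dataclass
class HostState:
    severity: int = 0
    recent: list = field(default_factory=list)     # bounded context window
    snapshots: list = field(default_factory=list)  # evidence records collected


def collect_evidence(host, state, trigger_event):
    """Freeze the host's recent context at trigger time and seal it with a digest.

    Sealing at collection time is what lets later modification be detected;
    a real collector would add volatile data (processes, sockets) here.
    """
    record = {
        "host": host,
        "trigger": trigger_event,
        "severity": state.severity,
        "context": list(state.recent),
    }
    blob = json.dumps(record, sort_keys=True).encode()
    record["sha256"] = hashlib.sha256(blob).hexdigest()
    return record


def verify_snapshot(record):
    """Recompute the digest over everything except the stored digest."""
    rec = dict(record)
    stored = rec.pop("sha256", None)
    blob = json.dumps(rec, sort_keys=True).encode()
    return stored == hashlib.sha256(blob).hexdigest()


def process_events(events, threshold=THRESHOLD, context_len=5):
    """Score events per host; collect evidence when the score crosses threshold.

    Only a bounded window of recent events is retained per host, which is the
    log-volume reduction the abstract refers to.
    """
    states = {}
    for ts, host, etype, detail in events:
        st = states.setdefault(host, HostState())
        st.recent.append((ts, etype, detail))
        if len(st.recent) > context_len:
            st.recent.pop(0)
        st.severity += WEIGHTS.get(etype, 0)
        if st.severity >= threshold:
            st.snapshots.append(collect_evidence(host, st, (ts, etype, detail)))
            st.severity = 0  # assumed policy: start a fresh window after collection
    return states


if __name__ == "__main__":
    for host, st in process_events(SAMPLE_EVENTS).items():
        print(host, "severity=%d snapshots=%d" % (st.severity, len(st.snapshots)))
        for snap in st.snapshots:
            print("  trigger:", snap["trigger"], "sha256:", snap["sha256"][:16], "...")
```

With the constructed events, web01 crosses the threshold at the privilege-escalation event and gets one sealed snapshot, while db01 never does; the digest check in `verify_snapshot` fails as soon as any field of a stored record is altered.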
