摘要
To effectively collect electronic evidences of computer crime, a novel danger theory based computer dynamic model (Demed) is proposed. With definitions of self non-self and detector, the intrusion detection sub-model is given, which is composed of memory cell set, mature cells set, and immature cells set. Then, the danger theory based computer dynamic forensics sub-model is further given. Both the theory analysis and experimental results show that Demed provides an effective approach for computer dynamic forensics.
- 出版日期2007
- 单位四川大学