摘要:In th is paper details th e design o f a h ost-based intrusion detection system an d describ es the desiredch aracteris tics of an Intrusion Detection Data So urce (IDDS). Further, th is p ap er p rov ides featu res th at makean IDS techn olog y a u seful as an ev id ence acqu isition tool. An explanation is p ro vided of admissib ility andweigh t, th e two d eterm inants in the legal accep tab ility o f ev id ence of IDSs as sou rces of legal evid en ce,in clu ding preservation of evid en ce, contin uity o f ev idence and transp arency o f forensic metho d
关键词:In tru si on Detectio n Sy stem ; Evid en ce; Forensic
