Sciweavers

SADFE
2008
IEEE

Exemplifying Attack Identification and Analysis in a Novel Forensically Viable Syslog Model

This research builds on our method for validating syslog entries proposed in [5]. The goal of the proposed method is to allow syslog files to be forensically viable. The goal of this phase of the work is to implement the proposed method and evaluate the forensic validity of the method under real-world conditions. This paper discusses that implementation and the ability of the generated authentication logs and access fingerprints to both identify malicious activity and identify the source of this activity. While work has been done to develop secure log files, i.e., making them tamper resistant, there has been no prior work to ensure they are forensically valid.
Steena Dominica Steven Monteiro, Robert F. Erbacher
Added 01 Jun 2010
Updated 01 Jun 2010
Type Conference
Year 2008
Where SADFE
Authors Steena Dominica Steven Monteiro, Robert F. Erbacher