Understanding the strategies of attacks is crucial for security applications such as computer and network forensics, intrusion response, and prevention of future attacks. This pap...
We argue in favor of the explicit inclusion of suspicion as a concrete concept to be used in the analysis of audit data in order to guide the search for evidence of misuse. Our ap...
Uncorrupted log files are the critical system component for computer forensics in case of intrusion and for real time system monitoring and auditing. Protection from tampering wit...
Audit logs, providing information about the current and past states of systems, are one of the most important parts of modern computer systems. Providing security for audit logs on...
Abstract. As the number of devices connected to the internet continues to grow rapidly and software systems are being increasingly deployed on the web, security and privacy have be...