Cited By
View all- Crosby SWallach D(2009)Efficient data structures for tamper-evident loggingProceedings of the 18th conference on USENIX security symposium10.5555/1855768.1855788(317-334)Online publication date: 10-Aug-2009
Exemplifying Attack Identification and Analysis in a Novel Forensically Viable Syslog Model
Pages 57 - 68
Abstract
This research builds on our method for validating syslog entries proposed in [5]. The goal of the proposed method is to allow syslog files to be forensically viable. The goal with this phase of the work is to implement the proposed method and evaluate the forensic validity of the method under real-world conditions. This paper discusses that implementation and the ability for the generated authentication logs and access fingerprints to both identify malicious activity and identify the source of this activity. While work has been done to develop secure log files, i.e., making them tamper resistant, there has been no prior work to ensure they are forensically valid.
Recommendations
An authentication and validation mechanism for analyzing syslogs forensically
This research proposes a novel technique for authenticating and validating syslogs for forensic analysis. This technique uses a modification of the Needham Schroeder protocol, which uses nonces (numbers used only once) and public keys. Syslogs, which ...
A Framework for a Forensically Sound Harvesting the Dark Web
CECC 2018: Proceedings of the Central European Cybersecurity Conference 2018The generative and transformative nature of the Internet which has become a synonym for the infrastructure of the contemporary digital society, is also a place where there are unsavoury and illegal activities such as fraud, human trafficking, exchange ...
Forensically ready digital identity management systems, issues of digital identity life cycle and context of usage
Collecting necessary digital and network forensics to prove the identity of an individual who is responsible for a crime, or suspected of a malicious attack, or has used a device during an incident, with minimum doubt to the court or other legitimate ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
May 2008
144 pages
ISBN:9780769531717
Publisher
IEEE Computer Society
United States
Publication History
Published: 22 May 2008
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 14 Jan 2025
Other Metrics
Citations
Cited By
View all- Crosby SWallach D(2009)Efficient data structures for tamper-evident loggingProceedings of the 18th conference on USENIX security symposium10.5555/1855768.1855788(317-334)Online publication date: 10-Aug-2009