Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
AUSFORENSICS
2003
2003
Design of a Network-Access Audit Log for Security Monitoring and Forensic Investigation
An attempt at determining the source of anomalous network traffic may result in the identification of the networked system where it originated. From a forensic point of view it is almost impossible to positively identify the application or the user behind the application that generated the traffic. Many users may have been using the networked system and there remains the possibility of network traffic generation by Trojan horses. We propose a network-access log that bridges the gap between system event logs and network monitoring by extending event logging on individual hosts with information pertaining to generation of network traffic. The key contribution of the proposed network access audit log is the establishment of the chain of evidence linking the outgoing traffic to its source thereby improving the network security of an intranet. Keywords Security Monitoring, Forensic Investigation, Network Monitoring, Event Log.
Real-time TrafficAnomalous Network Traffic | AUSFORENSICS 2003 | Forensic Engineering | Network Monitoring | Network Traffic |
| Added | 31 Oct 2010 |
| Updated | 31 Oct 2010 |
| Type | Conference |
| Year | 2003 |
| Where | AUSFORENSICS |
| Authors | Atif Ahmad, Tobias Ruighaver |
Comments (0)
Researcher Info
|
