Exemplifying Attack Identification and Analysis in a Novel Forensically Viable Syslog Model

13 years 11 months ago

Download digital.cs.usu.edu

This research builds on our method for validating syslog entries proposed in [5]. The goal of the proposed method is to allow syslog files to be forensically viable. The goal with this phase of the work is to implement the proposed method and evaluate the forensic validity of the method under real-world conditions. This paper discusses that implementation and the ability for the generated authentication logs and access fingerprints to both identify malicious activity and identify the source of this activity. While work has been done to develop secure log files, i.e., making them tamper resistant, there has been no prior work to ensure they are forensically valid.

Steena Dominica Steven Monteiro, Robert F. Erbache

Real-time Traffic

Digital Forensic Engineering | Forensic Engineering | Generated Authentication Logs | SADFE 2008 | Syslog Entries | Syslog Files |

claim paper

Post Info
More Details (n/a)

Added	01 Jun 2010
Updated	01 Jun 2010
Type	Conference
Year	2008
Where	SADFE
Authors	Steena Dominica Steven Monteiro, Robert F. Erbacher

Comments (0)

Sciweavers

Exemplifying Attack Identification and Analysis in a Novel Forensically Viable Syslog Model

Digital Forensic Engineering | Forensic Engineering | Generated Authentication Logs | SADFE 2008 | Syslog Entries | Syslog Files |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers