Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SADFE
2008
IEEE
2008
IEEE
Finding the Evidence in Tamper-Evident Logs
Secure logs are powerful tools for building systems that must resist forgery, prove temporal relationships, and stand up to forensic scrutiny. The proofs of order and integrity encoded in these tamper-evident chronological records, typically built using hash chaining, may be used by applications to enforce operating constraints or sound alarms at suspicious activity. However, existing research stops short of discussing how one might go about automatically determining whether a given secure log satisfies a given set of constraints on its records. In this paper, we discuss our work on Q, a tool that accomplishes this. It can be used offline as an analyzer for static logs, or online during the runtime of a logging application. Q rules are written in a flexible pattern-matching language that adapts to arbitrary log structures; given a set of rules and available log data, Q presents evidence of correctness and offer...
Real-time TrafficDigital Forensic Engineering | Forensic Engineering | SADFE 2008 | Secure Log | Tamper-evident Chronological Records | flexible Pattern-matching Language |
Related Content
| Added | 01 Jun 2010 |
| Updated | 01 Jun 2010 |
| Type | Conference |
| Year | 2008 |
| Where | SADFE |
| Authors | Daniel Sandler, Kyle Derr, Scott A. Crosby, Dan S. Wallach |
Comments (0)
Researcher Info
|
