Title
Exemplifying Attack Identification and Analysis in a Novel Forensically Viable Syslog Model
Abstract
This research builds on our method for validating syslog entries proposed in [5]. The goal of the proposed method is to allow syslog files to be forensically viable. The goal with this phase of the work is to implement the proposed method and evaluate the forensic validity of the method under real-world conditions. This paper discusses that implementation and the ability for the generated authentication logs and access fingerprints to both identify malicious activity and identify the source of this activity. While work has been done to develop secure log files, i.e., making them tamper resistant, there has been no prior work to ensure they are forensically valid.
Year
2008
DOI
10.1109/SADFE.2008.14
Venue
Oakland, CA
Keywords
forensic validity, access fingerprint, syslog file, prior work, novel forensically viable syslog, exemplifying attack identification, real-world condition, paper discusses, authentication log, syslog entry, malicious activity, tamper resistance, computer science, frequency, computer networks, protocols, security, digital forensics, fingerprint recognition, authentication, message authentication
Field
Authentication, Message authentication code, Digital forensics, Computer security, Computer science, Tamper resistance, syslog
DocType
Conference
ISBN
978-0-7695-3171-7
Citations
3
PageRank
0.47
References
3
Authors
2
Name
Order
Citations
PageRank
Steena Dominica Steven Monteiro130.81
Robert F. Erbacher220227.65