A secure virtualized logging scheme for digital forensics in comparison with kernel module approach

Bin Hui Chou, Kohei Tatara, Taketoshi Sakuraba, Yoshiaki Hori, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Digital forensics encompasses the process of identifying the perpetrator and the criminal method by analyzing the logs generated in the computer. Log files record the activities of the computer and by reading them one can know what kind of event happened at a certain time. Therefore, secure logs with the integrity property are essential. In this paper, we discuss two approaches to achieve the integrity of logsthe kernel module and virtualization, and compare them. Although virtualization is more inefficient in performance than the kernel module, it provides more security properties for logs. Thus, we then focus on the virtualization approach with a detailed proposal, which describes ways to preserve logs without tampering and deletion.

Original languageEnglish
Title of host publicationProceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008
Pages421-426
Number of pages6
DOIs
Publication statusPublished - Sep 15 2008
Event2nd International Conference on Information Security and Assurance, ISA 2008 - Busan, Korea, Republic of
Duration: Apr 24 2008Apr 26 2008

Publication series

NameProceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008

Other

Other2nd International Conference on Information Security and Assurance, ISA 2008
CountryKorea, Republic of
CityBusan
Period4/24/084/26/08

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems and Management
  • Electrical and Electronic Engineering
  • Communication

Fingerprint Dive into the research topics of 'A secure virtualized logging scheme for digital forensics in comparison with kernel module approach'. Together they form a unique fingerprint.

  • Cite this

    Chou, B. H., Tatara, K., Sakuraba, T., Hori, Y., & Sakurai, K. (2008). A secure virtualized logging scheme for digital forensics in comparison with kernel module approach. In Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008 (pp. 421-426). [4511604] (Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008). https://doi.org/10.1109/ISA.2008.96