TY - GEN
T1 - Reconsidering data logging in light of digital forensics
AU - Chou, Bin Hui
AU - Takahashi, Kenichi
AU - Hori, Yoshiaki
AU - Sakurai, Kouichi
PY - 2009
Y1 - 2009
N2 - Logs record the events that have happened within a system, so they are considered the history of system activities. They are one of the objects that digital forensic investigators would like to examine when a security incident happens. However, logs were initially created for troubleshooting, and are not purposefully designed for digital forensics. Thus, enormous and redundant log data make it complicated and time-consuming to find valuable information during analysis, and make logging-related techniques difficult to utilize in some systems such as embedded systems. In this paper, we reconsider a data logging mechanism in terms of forensics and consequently, we propose purpose-based forensic logging. In purpose-based forensic logging, we only collect the required logs according to a specific purpose, which could decrease the space that logs occupy and may ease the analysis tasks during forensic investigations.
AB - Logs record the events that have happened within a system, so they are considered the history of system activities. They are one of the objects that digital forensic investigators would like to examine when a security incident happens. However, logs were initially created for troubleshooting, and are not purposefully designed for digital forensics. Thus, enormous and redundant log data make it complicated and time-consuming to find valuable information during analysis, and make logging-related techniques difficult to utilize in some systems such as embedded systems. In this paper, we reconsider a data logging mechanism in terms of forensics and consequently, we propose purpose-based forensic logging. In purpose-based forensic logging, we only collect the required logs according to a specific purpose, which could decrease the space that logs occupy and may ease the analysis tasks during forensic investigations.
UR - http://www.scopus.com/inward/record.url?scp=67649961938&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=67649961938&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-02633-1_15
DO - 10.1007/978-3-642-02633-1_15
M3 - Conference contribution
AN - SCOPUS:67649961938
SN - 9783642026324
T3 - Communications in Computer and Information Science
SP - 111
EP - 118
BT - Advances in Information Security and Its Application
ER -