Reconsidering data logging in light of digital forensics

Bin Hui Chou, Kenichi Takahashi, Yoshiaki Hori, Kouichi Sakurai

Research output: Contribution to book/report › Conference contribution

Abstract

Logs record the events that have happened within a system, so they are considered the history of system activities. They are one of the objects that digital forensic investigators would like to examine when a security incident happens. However, logs were initially created for troubleshooting and are not purposefully designed for digital forensics. Thus, enormous and redundant log data make the analysis needed to find valuable information complicated and time-consuming, and make logging-related techniques difficult to utilize in some systems such as embedded systems. In this paper, we reconsider a data logging mechanism in terms of forensics and consequently, we propose purpose-based forensic logging. In purpose-based forensic logging, we only collect the required logs according to a specific purpose, which could decrease the space that logs occupy and may mitigate the analysis tasks during forensic investigations.

Original language: English
Title of host publication: Advances in Information Security and Its Application
Subtitle of host publication: Third International Conference, ISA 2009, Proceedings
Pages: 111-118
Number of pages: 8
Publication status: Published - 2009

Publication series

Name: Communications in Computer and Information Science
Volume: 36
ISSN (Print): 1865-0929

All Science Journal Classification (ASJC) codes

  • Computer Science (all)
  • Mathematics (all)
