Title :
Complexity Analysis of Retrieving Knowledge from Auditing Log Files for Computer and Network Forensics and Accountability
Author :
Takahashi, Daisuke ; Xiao, Yang
Author_Institution :
Dept. of Comput. Sci., Univ. of Alabama, Tuscaloosa, AL
Abstract :
Behaviors of users in a computer or a computer network can be observed by system authorities via logs of all the actions. In a computer or network system, if at some point the fact that the content of a secret file is leaking has been already known, to figure out the reasons of the leaking, we can search partial or entire log files to find out direct or indirect accesses to the file; since a user who accessed the secret before may send messages containing the secret to other users (the secret is leaking due to indirect accesses) via packets in a computer network, or via pipe/FIFO/message-queue/etc. in a computer system, finding the reasons of the leaking is not a trivial task. In this paper, we analyze and simulate the complexity of retrieving knowledge from the computer and network auditing log database for forensics and accountability.
Keywords :
computational complexity; computer networks; security of data; FIFO; complexity analysis; computer network accountability; computer network forensics; knowledge retrieval; message-queue; network auditing log database; Analytical models; Computational modeling; Computer crime; Computer hacking; Computer networks; Databases; Forensics; Information retrieval; Layout; Personal digital assistants;
Conference_Titel :
Communications, 2008. ICC '08. IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-2075-9
Electronic_ISBN :
978-1-4244-2075-9
DOI :
10.1109/ICC.2008.285
