• DocumentCode
    3500181
  • Title

    Design and Evaluation of a Network Forensic Logging System

  • Author

    Park, Tae-Kyou ; Ra, Ilkyeun

  • Author_Institution
    Dept. of Comput. & Info. Sci., Hanseo Univ.
  • Volume
    2
  • fYear
    2008
  • fDate
    11-13 Nov. 2008
  • Firstpage
    1125
  • Lastpage
    1130
  • Abstract
    This paper describes a forensic logging system that collects fine-grained evidence from target servers and networks. For the logging system, we developed a TCSEC-B1 level secure operating system and a dedicated network processor that collects network traffic. The logging system can also protect servers from malicious attacks and allows security managers to obtain forensic evidence when the target server is subjected to violations. We describe the design and implementation of the system and discuss the benchmark results of the prototype system.
  • Keywords
    computer networks; network servers; operating systems (computers); security of data; telecommunication security; telecommunication traffic; TCSEC-B1 level secure operating system; malicious attack; network forensic logging system; network processor; network server; network traffic; Computer security; Costs; Data security; Databases; Forensics; Humans; Kernel; Network servers; Operating systems; Protection; Forensic; Logging; security;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Convergence and Hybrid Information Technology, 2008. ICCIT '08. Third International Conference on
  • Conference_Location
    Busan
  • Print_ISBN
    978-0-7695-3407-7
  • Type

    conf

  • DOI
    10.1109/ICCIT.2008.28
  • Filename
    4682398