System-level audit logs capture the interactions between applications and the runtime environment. They are highly valuable for forensic analysis that aims to identify the root cause of an attack, which may have occurred long ago, or to determine the ramifications of an attack for recovery from it. A key challenge of audit log-based forensics in practice is the sheer size of the log files generated, which could grow at a rate of gigabytes per day. In this paper, we propose LogGC, an audit logging system with garbage collection (GC) capability. We identify and overcome the unique challenges of garbage collection in the context of computer forensic analysis, which makes LogGC different from traditional memory GC techniques. We also develop techniqu...
The growth of digital technology spawns both positive and negative effects. Cybercrimes rise with th...
Retrospective security has become increasingly important to the theory and practice of cyber securit...
System logging is an essential component of building and maintaining secure systems. Unfortunately, ...
Logging is a well-established technique to record dynamic information during system execution. It ha...
Event auditing today is a resource consuming process. Rapidly increasing performance of hardware res...
Forensic analysis is the process of understanding, re-creating, and analyzing arbitrary events that ...
Auditing is an increasingly essential tool for the defense of computing systems, but the unwieldy na...
© 2007 Dr. Atif Ahmad. The application of investigative techniques within digital environments has lea...
Audit logs are considered good practice for business systems, and are required by federal regulation...
The 27th IEEE International Requirements Engineering Conference, Jeju Island, South Korea, 23-27 Sep...
Digital crimes are increasing exponentially and people with possession of even a simple digital devi...
This document describes a log-keeping mechanism designed to support Global Garbage Detection on Amad...
Uncorrupted log files are the critical system component for computer forensics in case of intrusion ...
Audit logs are different from other software logs in that they record the most primitive events (i.e...
This paper suggests that administrators form a new way of conceptualizing evidence collection across...