A novel approach to secured and central logging data

Nguyen Anh Quynh, Yoshiyasu Takefuji

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

Logging data is valuable and important information to reveal the attacker's activities and recover broken system. Unfortunately, once the attacker successfully penetrates a protected system, he never fails to either modify the logging data, or even worse, delete them to cover his traces. To avoid such a disaster, it is best to keep logging data in another machine by forwarding them to a central logging server. However, this approach has a flaw: while transmitting on network, data could be illegally sniffed or the traffic might be secretly redirected to a malicious machine. This paper proposes a novel method named Xenlog to secure logging data for systems run on Xen virtual machine: the solution does not use network stack to send data. Experimental and resulted tool proves that this approach is more secure than the traditional solution, while logging process is far more effective (nearly 24 times faster) and more reliable.

Original languageEnglish
Pages (from-to)201-208
Number of pages8
JournalWSEAS Transactions on Computers
Volume5
Issue number1
Publication statusPublished - 2006 Jan

Keywords

  • Central logging
  • Forensic analysis
  • Linux
  • Secured logging
  • Security attack
  • Xen

ASJC Scopus subject areas

  • Computer Science(all)

Fingerprint Dive into the research topics of 'A novel approach to secured and central logging data'. Together they form a unique fingerprint.

Cite this