http://www.attackprevention.com


Date Submitted: 06/19/05

An Approach to UNIX Security Logging



Added by Papergrl

Description: Off-line intrusion detection systems rely on logged data. However, the logging mechanism may be complicated and time-consuming, and the amount of logged data tends to be very large. To counter these problems we suggest a very simple and cheap logging method, light-weight logging. It can be easily implemented on a Unix system, particularly on the Solaris operating system from Sun. It is based on logging every invocation of the exec(2) system call together with its arguments. We use data from realistic intrusion experiments to show the benefits of the proposed logging and in particular that this logging method consumes as few system resources as comparable methods, while still being more effective.





Copyright 2008 AttackPrevention