



Volume 4, Issue SUPPL., 2007, Pages 82-91

Analyzing multiple logs for forensic evidence

Author keywords

Forensic analysis; Formal methods; Log analysis; Log correlation; Logging systems; Model checking

Indexed keywords

ALGEBRA; ALGORITHMS; COMPUTER CRIME; FORMAL METHODS; MATHEMATICAL MODELS; MODEL CHECKING; SECURITY OF DATA;

EID: 34447536428     PISSN: 17422876     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.diin.2007.06.013     Document Type: Article
Times cited: 43

References (27)
  • 1
    • 0037421015
    • A new logic for electronic commerce protocols
    • Adi K., Debbabi M., and Mejri M. A new logic for electronic commerce protocols. Int J Theor Comput Sci, TCS 291 3 (2003) 223-283
    • (2003) Int J Theor Comput Sci, TCS , vol.291 , Issue.3 , pp. 223-283
    • Adi, K.1    Debbabi, M.2    Mejri, M.3
  • 2
    • 0025494721
    • Tableau-based model checking in the propositional Mu-calculus
    • Cleaveland R. Tableau-based model checking in the propositional Mu-calculus. Acta Inform 27 8 (1990) 725-748
    • (1990) Acta Inform , vol.27 , Issue.8 , pp. 725-748
    • Cleaveland, R.1
  • 3
    • 84922794799
    • Cuppens F. Managing alerts in a multi-intrusion detection environment. In: Proceedings of the 17th annual computer security applications conference, December 2001.
  • 4
    • 34447501403
    • Cuppens F, Miege A. Alert correlation in a cooperative intrusion detection framework. In: Proceedings of the 2002 IEEE symposium on security and privacy, May 2003.
  • 5
    • 84947561772
    • Debar H, Wespi A. Aggregation and correlation of intrusion-detection alerts. In: Recent advances in intrusion detection. LNCS 2212; 2001.
  • 6
    • 3042854565
    • Finite state machine approach to digital event reconstruction
    • Gladyshev P., and Patel A. Finite state machine approach to digital event reconstruction. Digit Investig J 1 2 (2004)
    • (2004) Digit Investig J , vol.1 , Issue.2
    • Gladyshev, P.1    Patel, A.2
  • 7
    • 33745983277
    • Formalising event time bounding in digital investigations
    • Gladyshev P., and Patel A. Formalising event time bounding in digital investigations. Digit Investig J 4 2 (2005)
    • (2005) Digit Investig J , vol.4 , Issue.2
    • Gladyshev, P.1    Patel, A.2
  • 9
    • 3142623031
    • Clustering intrusion detection alarms to support root cause analysis
    • Julisch K. Clustering intrusion detection alarms to support root cause analysis. ACM Trans Inform Syst Secur 6 4 (Nov 2003) 443-471
    • (2003) ACM Trans Inform Syst Secur , vol.6 , Issue.4 , pp. 443-471
    • Julisch, K.1
  • 11
    • 34447521035
    • A formalization of digital forensics
    • Leigland R., and Krings A.W. A formalization of digital forensics. Digit Investig J 3 2 (2004)
    • (2004) Digit Investig J , vol.3 , Issue.2
    • Leigland, R.1    Krings, A.W.2
  • 13
    • 34447538870
    • Morin B, Debar H. Correlation of intrusion symptoms: an application of chronicles. In: Proceedings of the sixth international conference on recent advances in intrusion detection (RAID'03), September 2003.
  • 14
    • 34447507058
    • Morin B, Me L, Debar H, Ducasse M. M2D2: a formal data model for IDS alert correlation. In: Proceedings of the fifth international symposium on recent advances in intrusion detection (RAID 2002), 2002.
  • 15
    • 0038011185
    • Ning P, Cui Y, Reeves DS. Constructing attack scenarios through correlation of intrusion alerts. In: Proceedings of the ninth ACM conference on computer and communications security, Washington, DC, November 2002. p. 245-54.
  • 17
    • 34447551225
    • Porras P, Fong M, Valdes A. A mission-impact-based approach to INFOSEC alarm correlation. In: Proceedings of the fifth international symposium on recent advances in intrusion detection (RAID 2002); 2002.
  • 18
    • 84944715924
    • Stallard T, Levitt K. Automated analysis for digital forensic science: semantic integrity checking. In: 19th annual computer security applications conference, Las Vegas, NV, USA, December 2003.
  • 19
    • 0036090327
    • Practical automated detection of stealthy portscans
    • Staniford S., Hoagland J., and McAlerney J. Practical automated detection of stealthy portscans. J Comput Secur 10 1/2 (December 2002) 105-136
    • (2002) J Comput Secur , vol.10 , Issue.1-2 , pp. 105-136
    • Staniford, S.1    Hoagland, J.2    McAlerney, J.3
  • 20
    • 3042553947
    • Modeling of post-incident root cause analysis
    • Stephenson P. Modeling of post-incident root cause analysis. Int J Digit Evid 2 2 (2003)
    • (2003) Int J Digit Evid , vol.2 , Issue.2
    • Stephenson, P.1
  • 23
    • 0034593179
    • Templeton S, Levitt K. A requires/provides model for computer attacks. In: Proceedings of new security paradigms workshop, September 2000.
  • 24
    • 34447521038
    • Valdes A, Skinner K. Probabilistic alert correlation. In: Proceedings of the fourth international symposium on recent advances in intrusion detection (RAID 2001); 2001.
  • 27
    • 34447524482
    • Yegneswaran V, Barford P, Jha S. Global intrusion detection in the domino overlay system. In: Proceedings of the 11th annual network and distributed system security symposium (NDSS'04), February 2004.


* This information was analyzed and extracted by KISTI from Elsevier's SCOPUS database.