DocumentCode
496786
Title
Security audit logs for IDS
Author
Hong Ding ; Ming Xu
Author_Institution
Institute of Computer Application Technology, HangZhou Dianzi University, 310018, China
fYear
2006
fDate
6-9 Nov. 2006
Firstpage
1
Lastpage
4
Abstract
To implement audit logs security, the traditional technique was encryption, but the encrypted logs were difficult to partially search and verify. In this paper, a searchable security audit alert logs scheme for IDS was proposed. The hash chain and encryption technology were used to implement the forward security, i.e. in the event that an attacker captures the IDS host, it was impossible for the attacker to read, undetectably modify, or destroy the log entries generated prior to the logging machine's compromise. Moreover, the characteristics of IDS alert log entries were used to build security indexes. With these indexes, the searcher and verifier can search and verify the log entries by recorder number, time stamp, source IP address, destination IP address, and type.
Keywords
IDS; forward security; hash chain; log;
fLanguage
English
Publisher
iet
Conference_Titel
Wireless, Mobile and Multimedia Networks, 2006 IET International Conference on
Conference_Location
Hangzhou, China
ISSN
0537-9989
Print_ISBN
0-86341-644-6
Type
conf
Filename
5195738