Shaikh, Riaz A. ORCID: https://orcid.org/0000-0001-6666-0253, Rajput, Saeed, Zaidi, S. M. H. and Sharif, Kashif (2005) Enterprise wide centralized logging mechanism for application level intrusion detection. In: Proceedings of The 2005 International Conference on Security and Management, SAM'05. UNSPECIFIED, USA, pp. 144-148. ISBN 1932415823
Full text not available from this repository.

Abstract
Due to an increase in occurrences of intrusion events, organizations are now moving towards implementation of various types of monitoring systems to detect and prevent IT security breaches. For that purpose, different techniques have been used. Logging is one such technique. A typical enterprise consists of firewalls, intrusion detection systems, operating systems, legacy applications, etc., where each element uses its own conventions and formats of logs. This increases the complexity of comprehensive analysis of logs to generate real time alerts, and it also increases the time needed to conduct forensic analysis. In this paper we have presented the concept of application level unification of logs in a consistent format at centralized locations to detect and prevent real time or near real time intrusions in a cost effective manner.
Item Type: | Book Section |
---|---|
Uncontrolled Keywords: | enterprise, idmef, intrusion detection, logging mechanism, computer networks and communications, hardware and architecture, software, /dk/atira/pure/subjectarea/asjc/1700/1705 |
Faculty \ School: | Faculty of Science > School of Computing Sciences |
UEA Research Groups: | Faculty of Science > Research Groups > Cyber Security Privacy and Trust Laboratory |
Depositing User: | LivePure Connector |
Date Deposited: | 16 Aug 2022 15:31 |
Last Modified: | 07 May 2023 06:31 |
URI: | https://ueaeprints.uea.ac.uk/id/eprint/87318 |