Enterprise wide centralized logging mechanism for application level intrusion detection

Shaikh, Riaz A. ORCID: https://orcid.org/0000-0001-6666-0253, Rajput, Saeed, Zaidi, S. M. H. and Sharif, Kashif (2005) Enterprise wide centralized logging mechanism for application level intrusion detection. In: Proceedings of The 2005 International Conference on Security and Management, SAM'05. UNSPECIFIED, USA, pp. 144-148. ISBN 1932415823

Full text not available from this repository.

Abstract

Due to the increase in occurrences of intrusion events, organizations are now moving towards implementation of various types of monitoring systems to detect and prevent IT security breaches. For that purpose, different techniques have been used. Logging is one such technique. A typical enterprise consists of firewalls, intrusion detection systems, operating systems, legacy applications, etc., where each element uses its own conventions and formats of logs. This increases the complexity of comprehensive analysis of logs to generate real-time alerts, and it also increases the time needed to conduct forensic analysis. In this paper we present the concept of application-level unification of logs in a consistent format at centralized locations to detect and prevent real-time or near-real-time intrusions in a cost-effective manner.

Item Type: Book Section
Uncontrolled Keywords: enterprise, idmef, intrusion detection, logging mechanism, computer networks and communications, hardware and architecture, software
Faculty \ School: Faculty of Science > School of Computing Sciences
UEA Research Groups: Faculty of Science > Research Groups > Cyber Security Privacy and Trust Laboratory
Depositing User: LivePure Connector
Date Deposited: 16 Aug 2022 15:31
Last Modified: 07 May 2023 06:31
URI: https://ueaeprints.uea.ac.uk/id/eprint/87318