We propose an in-kernel cache-based online log-reduction system to enable high-performance audit logging.
Jul 11, 2018 · The Linux Audit system is widely used as a causality tracking system in real-world deployments for problem diagnosis and forensic analysis.
The Linux Audit system is widely used as a causality tracking system in real-world deployments for problem diagnosis and forensic analysis.
MCI: Modeling-based causality inference in audit logging for attack investigation ... Kernel-supported cost-effective audit logging for causality tracking. S Ma, ...
In this paper, we develop a model based causality inference technique for audit logging that does not require any application instrumentation or kernel ...
Kernel-Supported Cost-Effective Audit Logging for Causality Tracking. S. Ma ... Accurate, low cost and instrumentation-free security audit logging for windows.
Kernel-Supported Cost-Effective Audit Logging for Causality Tracking · MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning.
... Kernel-Supported Cost-Effective Audit Logging for Causality Tracking, 29th USENIX Annual Technical Conference (ATC), 2018. Ioannis Agadakos, Gabriela F ...
We implement KennyLoggings on top of the Linux kernel and show that it imposes between 8% and. 11% overhead on log-intensive application workloads. CCS CONCEPTS.
People also ask
What is kernel auditing?
What is the audit log in Linux?
How to enable audit logs in Ubuntu?
[Ma'18] Kernel-Supported Cost-Effective Audit Logging for Causality Tracking; [Lee'13b] High Accuracy Attack Provenance via Binary-Based Execution ...