Cryptolog: A new approach to provide log security for digital forensics

Year 2017, Volume: 17 Issue: 2, 3453 - 3462, 27.07.2017

Resul Das Muhammet Baykara Gurkan Tuna

Abstract

As security vulnerabilities generated by the developments in information
and communication technologies as well as emerging technologies can lead to
severe loss in terms of individual and institutional aspects, the importance of
information security has been increasing in recent years. Nowadays, digital information
is considered as an important asset which must be appropriately evaluated and protected
against all forms of unauthorized access, use, disclosure, modification, destruction,
or denial. Since information security is more prominent and more important now than
ever before, this growing awareness of digital information security has led societies
to develop innovative ways of protecting their sensitive information. On the other
hand, in today's digital world, keeping sensitive information secure is not as easy
as it was in the past. In this regard, it is obvious that for all types of institutions
there is a need for security software which provides the necessary security measures
and policies for the protection and retrieval of sensitive digital information.

To ensure information security, security software must have the ability
to make logging of certain events. Through log files, some analysis can be performed
to find out what kind of attacks were done by which users and when. In this respect,
this study proposes a novel approach of recording traffic flow on the log files
stored on a server to determine the changes made by unauthorized people/users on
the log records, and this way ensures the security of the log records and contributes
to digital forensics processes in terms of accuracy, integrity and confidentiality
of the log records. 

Keywords

Log analysis, log collection, log security, information security, digital forensics

References

• 11. Hemantha S.B. Herath and Tejaswini C. Herath, “IT security auditing: A performance evaluation decision model”, Decision Support Systems, vol. 57, pp. 54-63, 2014. DOI: 10.1016/j.dss.2013.07.010.
• 12. R. Das, I. Turkoglu, “Creating meaningful data from web logs for improving the impressiveness of a website by using path analysis method”, Expert Systems with Applications, vol. 36, no. 3, pp. 6635-6644, 2009.
• 13. R. Daş, İ. Türkoğlu, and M. Poyraz, “Web Kayıt Dosyalarından İlginç Örüntülerin Keşfedilmesi”, Fırat Üniversitesi, Fen ve Mühendislik Bilimleri Dergisi, vol. 19, no. 4, pp. 493-503, 2007.
• 14. B. Boeck, D. Huemer, and A Min Tjoa, “Towards More Trustable Log Files for Digital Forensics by Means of “Trusted Computing”, 24th IEEE International Conference on Advanced Information Networking and Applications (AINA), 20-23 April 2010, pp. 1020-1027. DOI: 10.1109/AINA.2010.26
• 15. D. Brezinski and T. Killalea, “Guidelines for evidence collection and archiving”, United States, 2002.
• M.T. Goodrich, M.J. Atallah, R. Tamassia, “Indexing information for data forensics”, Lecture Notes in Computer Science, vol. 3531, pp. 206-221, 2005.
• Junbin Fang, Zoe L. Jiang, S. M. Yiu, Lucas C.K.Hui, “An Efficient Scheme for Hard Disk Integrity Check in Digital Forensics by Hashing with Combinational Group Testing”, International Journal of Digital Content Technology and its Applications, 5(2), pp.300-308, 2011.
• Internet: http://www.tib.gov.tr/en/en-menu-47-information_about_the_regulations_of_the_content_of_the_internet.html
• “Payment Card Industry (PCI) Data Security Standard,” Payment Card Industry Security Standards Council, Technical Report, 2010.
• United State Government, “Federal Information Security Management Act (FISMA),” 2002. [Online]. Available: http://csrc.nist.gov/groups/SMA/fisma/index.html