Inspect: a Lightweight Distributed Approach to Automated Audit Trail Analysis
Abstract
Security is a key issue in the design and implementation of complex information systems. Security mechanisms and policies have to be deployed and then continuously maintained, monitored and audited. Auditing information is of great usefulness, but difficult to manage. Thus, several tools for security audit trail analysis have been developed to assist audit trails analysts in their work. Great effort is currently being devoted to improve such tools with real-time intrusion detection capabilities. This paper presents Inspect, a system for automated audit trail analysis, which aims at real-time intrusion detection. Inspect tries to emulate, with its distributed architecture, the behavior of a team of security audit trail analysts, using the divide et impera approach. Inspect is based on InSpeL, a rule-based language, which aims at specifying break-ins and system abuse scenarios.
Similar resources
Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis
Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in en...
The Effects of Audit Methodology on the Development of Auditors’ Knowledge of the Client’s Business
This study examines the differences between the strategic systems audit approach and the traditional-based audit approach, and discusses its impact on the development of auditors’ knowledge of the client’s business. Strategic systems audit approach advocates argue that this approach creates a better development of auditors’ knowledge of the client’s business than the traditional-based au...
Single Layer Optical-Scan Voting with Fully Distributed Trust
We present a new approach for cryptographic end-to-end verifiable optical-scan voting. Ours is the first that does not rely on a single point of trust to protect ballot secrecy while simultaneously offering a conventional single layer ballot form and unencrypted paper trail. We present two systems following this approach. The first system uses ballots with randomized confirmation codes and a ph...
Lutetium-177 DOTATATE Production with an Automated Radiopharmaceutical Synthesis System
Objective(s): Peptide Receptor Radionuclide Therapy (PRRT) with yttrium-90 (90Y) and lutetium-177 (177Lu)-labelled SST analogues is now a therapy option for patients who have failed to respond to conventional medical therapy. In-house production with automated PRRT synthesis systems has clear advantages over manual methods, resulting in increasing use in hospital-based radiopharmacies. We report...
Data Warehouse Model for Audit Trail Analysis in Workflows
Business process performance evaluation is a key step towards assessing and improving e-business operations. In real-scale scenarios, such evaluation requires the collection, aggregation and processing of vast amounts of data, in particular audit trails. This paper aims at enabling such evaluation by integrating workflow technology with data warehousing. We first present a data model for captur...