A preprocess method for security audit log
Security audit plays an important role in information system. Organizations or companies find out their security risk from it and take audit logs as evidences for testify illegal behavior. But current methods of audit log analysis are not very effective,which cause deep security risk not found. On the other hand,audit alarm cant work accurately because of static security policy. In this paper,we present a preprocess method of security audit log. Unlike other methods of computing security levels of audit events in accordance with static policy,our preprocess method buildup security levels dynamically,which combines static policy with dynamic policy. To take into the context of security audit events happened,we build up a new attribute of the security event for accurate audit alarm and analysis.
security audit audit log preprocess dynamic security policy
Yao Sun Yang Tang Mengdong Chen
Beihang University,China
国际会议
西安
英文
290-292
2011-12-23(万方平台首次上网日期,不代表论文的发表时间)