论文信息 - Network auditing: issues and recommendations

Network auditing: issues and recommendations

Auditing can be used to detect abuse or intrusion into a computer system in some cases or if the abuse or intrusion is discovered by other means, the audit can be used after-the-fact to help determine the amount of damage that has occurred on the system. The deterrent presented by the audit trail is also important. In the past, audit trails have usually been oriented to standalone processors. The paper explores issues present when auditing in a networked environment. The issues are grouped according to: collection and storage, integration, protection and analysis. Some recommendations for further research, development, standards and policy-making initiatives are provided.<<ETX>>

Samuel I. Schaen | Brian W. McKenney

[1] K J Biba,et al. Integrity Considerations for Secure Computer Systems , 1977 .

[2] David L. Mills,et al. On the Accuracy and Stablility of Clocks Synchronized by the Network Time Protocol in the Internet System , 1989, CCRV.

[3] Daniel F. Sterne,et al. Auditing: a relevant contribution to trusted database management systems , 1989, [1989 Proceedings] Fifth Annual Computer Security Applications Conference.

[4] J. Noelle McAuliffe,et al. Is your computer being misused? A survey of current intrusion detection system technology , 1990, [1990] Proceedings of the Sixth Annual Computer Security Applications Conference.

[5] D. E. Bell,et al. Secure Computer Systems : Mathematical Foundations , 2022 .