Abstract
Effective activity and event monitoring is an essential aspect of digital forensic readiness. Techniques for capturing log and other event data are familiar from conventional networked hosts and transfer directly to the Cloud context. In both contexts, a major concern is the risk that monitoring systems may be targeted and impaired by intruders seeking to conceal their illicit presence and activities. We outline an approach to intrusion monitoring that aims (i) to ensure the credibility of log data and (ii) provide a means of data sharing that supports log reconstruction in the event that one or more logging systems is maliciously impaired.
| Original language | English |
|---|---|
| Pages | 1-5 |
| Number of pages | 5 |
| Publication status | Published - 27 Jan 2017 |
| Event | The Eighth International Conference on Cloud Computing, GRIDs, and Virtualization - NOVOTEL Athens Hotel, Athens, Greece Duration: 19 Feb 2017 → 23 Feb 2017 http://www.iaria.org/conferences2017/CLOUDCOMPUTING17.html |
Conference
| Conference | The Eighth International Conference on Cloud Computing, GRIDs, and Virtualization |
|---|---|
| Abbreviated title | Cloud Computing 2017 |
| Country/Territory | Greece |
| City | Athens |
| Period | 19/02/17 → 23/02/17 |
| Internet address |
Keywords
- cloud security
- intrusion monitoring
- message authentication codes
- secret sharing