A survey on forensic investigation of operating system logs

Cited by: 26
Authors
Studiawan, Hudan [1 ]
Sohel, Ferdous [1 ]
Payne, Christian [1 ]
Affiliations
[1] Murdoch Univ, Discipline Informat Technol Math & Stat, Perth, WA, Australia
Keywords
Operating system logs; Event logs; Log forensics; Log tamper detection; Event correlation; Event reconstruction; Event anomaly; DIGITAL FORENSICS; RETRIEVING KNOWLEDGE; NETWORK FORENSICS; COMPUTER; FILES; RECONSTRUCTION; INCONSISTENCY; PROVENANCE; INTERNET; MODEL;
DOI
10.1016/j.diin.2019.02.005
CLC (Chinese Library Classification) number
TP [Automation technology, computer technology];
Discipline classification number
0812 ;
Abstract
Event logs are one of the most important sources of digital evidence for forensic investigation because they record essential activities on the system. In this paper, we present a comprehensive literature survey of the forensic analysis on operating system logs. We present a taxonomy of various techniques used in this area. Additionally, we discuss the tools that support the examination of the event logs. This survey also gives a review of the publicly available datasets that are used in operating system log forensics research. Finally, we suggest potential future directions on the topic of operating system log forensics. (C) 2019 Elsevier Ltd. All rights reserved.
Pages: 1 / 20
Page count: 20
Related papers
50 items in total
  • [31] A survey of operating system support for persistent memory
    Miao Cai
    Hao Huang
    Frontiers of Computer Science, 2021, 15
  • [32] A survey of operating system support for persistent memory
    Cai, Miao
    Huang, Hao
    FRONTIERS OF COMPUTER SCIENCE, 2021, 15 (04)
  • [33] Anomaly Detection in Operating System Logs with Deep Learning-Based Sentiment Analysis
    Studiawan, Hudan
    Sohel, Ferdous
    Payne, Christian
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2021, 18 (05) : 2136 - 2148
  • [34] Event Logs Generated by an Operating System Running on a COTS Computer During IEMI Exposure
    Kasmi, C.
    Lopes-Esteves, J.
    Picard, N.
    Renard, M.
    Beillard, B.
    Martinod, E.
    Andrieu, J.
    Lalande, M.
    IEEE TRANSACTIONS ON ELECTROMAGNETIC COMPATIBILITY, 2014, 56 (06) : 1723 - 1726
  • [35] Search Logs Mining: Survey
    Bhojawala, Vivek
    Patel, Pinal
    PROCEEDINGS OF FIRST INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY FOR INTELLIGENT SYSTEMS: VOL 2, 2016, 51 : 33 - 45
  • [36] Measuring the Forensic-Ability of Audit Logs for Nonrepudiation
    King, Jason
    PROCEEDINGS OF THE 35TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE 2013), 2013, : 1419 - 1422
  • [37] Optimizing Forensic Data Availability and Retention of SDN Forensic Logs by Using Bloom Filter
    Sharma, Varun
    Rawat, Shatrunjay
    2023 INTERNATIONAL CONFERENCE ON INFORMATION NETWORKING, ICOIN, 2023, : 305 - 311
  • [38] Exploratory studies into forensic logs for criminal investigation using case studies in industrial control systems in the power sector
    Iqbal, Asif
    Ekstedt, Mathias
    Alobaidli, Hanan
    2017 IEEE INTERNATIONAL CONFERENCE ON BIG DATA (BIG DATA), 2017, : 3657 - 3661
  • [39] Operating System Concepts for Reconfigurable Computing: Review and Survey
    Eckert, Marcel
    Meyer, Dominik
    Haase, Jan
    Klauer, Bernd
    INTERNATIONAL JOURNAL OF RECONFIGURABLE COMPUTING, 2016, 2016
  • [40] Computer operating system logging and security issues: a survey
    Zeng, Lei
    Xiao, Yang
    Chen, Hui
    Sun, Bo
    Han, Wenlin
    SECURITY AND COMMUNICATION NETWORKS, 2016, 9 (17) : 4804 - 4821