Cryptolog: A new approach to provide log security for digital forensics


Security vulnerabilities arising from developments in information and communication technologies, as well as from emerging technologies, can lead to severe losses for both individuals and institutions, and the importance of information security has therefore been increasing in recent years. Digital information is now considered an important asset that must be appropriately evaluated and protected against all forms of unauthorized access, use, disclosure, modification, destruction, or denial. Because information security is more prominent and more important now than ever before, this growing awareness has led societies to develop innovative ways of protecting their sensitive information. At the same time, keeping sensitive information secure in today's digital world is not as easy as it was in the past. All types of institutions therefore need security software that provides the necessary security measures and policies for the protection and retrieval of sensitive digital information. To ensure information security, such software must be able to log certain events. Log files make it possible to analyze what kinds of attacks were carried out, by which users, and when. In this respect, this study proposes a novel approach that records traffic flow in log files stored on a server in order to determine the changes made to the log records by unauthorized people or users; in this way it ensures the security of the log records and contributes to digital forensics processes in terms of the accuracy, integrity and confidentiality of the log records.
