Standardized Syslog Processing: Revisiting Secure Reliable Data Transfer and Message Compression
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (PriSec)
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (PriSec) ORCID iD: 0000-0001-6459-8409
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science. (PriSec) ORCID iD: 0000-0003-0778-4736
2016 (English) Report (Other academic)
Abstract [en]

Today's computer logs are like smoking guns and treasure maps in case of suspicious system activities: they document intrusions, and log crucial information such as failed system updates and crashed services. An adversary thus has a clear motive to observe, alter, and delete log entries, considering that she could (i) start by using the log's content to identify new security vulnerabilities, and (ii) exploit them without ever being detected. With this in mind we consider syslog standards and open source projects that safeguard events during the storage and transit phases, and examine how data compression affects security. We conclude that there are syslog standards in place that satisfy security on a hop-by-hop basis, that there are no such standards for secure storage, and that message compression is not recommended during transit.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2016.
Series
Arbetsrapport
Keyword [en]
Syslog, rsyslog, syslog-ng, standardized logging, secure data compression
National Category
Computer Science
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-45392
ISBN: 978-91-7063-719-3 (print)
OAI: oai:DiVA.org:kau-45392
DiVA: diva2:954004
Projects
HITS
Available from: 2016-09-19 Created: 2016-08-19 Last updated: 2017-12-06

Open Access in DiVA

Dahlberg_Pulls_working_paper (2925 kB), 65 downloads
File information
File name: FULLTEXT02.pdf
File size: 2925 kB
Checksum SHA-512:
ffc491bbac0462386167f6a4225d5a58141d9aa96f8e53307c056e20f712a1870248a09cbf22093c6e6c2a304d9f665a649e02925e4154f84b121d775a095f41
Type: fulltext
Mimetype: application/pdf

Author/editor
Dahlberg, Rasmus; Pulls, Tobias; Lindskog, Stefan