KJCKorea
Journal Central

@article{ART000929273},
author={고병수 and Choi,Yong-Rak and 박영신},
title={A design of Secure Audit / Trace Module to Support Computer Forensics},
journal={Journal of The Korea Society of Computer and Information},
issn={1598-849X},
year={2004},
volume={9},
number={1},
pages={79-86}

TY - JOUR
AU - 고병수
AU - Choi,Yong-Rak
AU - 박영신
TI - A design of Secure Audit / Trace Module to Support Computer Forensics
JO - Journal of The Korea Society of Computer and Information
PY - 2004
VL - 9
IS - 1
PB - The Korean Society Of Computer And Information
SP - 79
EP - 86
SN - 1598-849X
AB - In general, operating system is offering the security function of OS level to support several web services. However, it is true that security side of OS level is weak from many parts. Specially, it is needed to audit/trace function in security kernel level to satisfy security more than B2 level that define in TCSEC(Trusted Computer System Evaluation Criteria). So we need to create audit data at system call invocation for this, and do to create audit data of equal format about almost event and supply information to do traceback late. This paper proposes audit/trace system module that use LKM(Loadable Kernel Module) technique. It is applicable without alteration about existing linux kernel to ensure safe evidence. It offers interface that can utilize external audit data such as intrusion detection system, and also offers safe role based system that is divided system administrator and security administrator. These data will going to utilize to computer forensics' data that legal confrontation is possible.
KW -
DO -
UR -
ER -

고병수, Choi,Yong-Rak and 박영신. (2004). A design of Secure Audit / Trace Module to Support Computer Forensics. Journal of The Korea Society of Computer and Information, 9(1), 79-86.

고병수, Choi,Yong-Rak and 박영신. 2004, "A design of Secure Audit / Trace Module to Support Computer Forensics", Journal of The Korea Society of Computer and Information, vol.9, no.1 pp.79-86.

고병수, Choi,Yong-Rak, 박영신 "A design of Secure Audit / Trace Module to Support Computer Forensics" Journal of The Korea Society of Computer and Information 9.1 pp.79-86 (2004) : 79.

고병수, Choi,Yong-Rak, 박영신. A design of Secure Audit / Trace Module to Support Computer Forensics. 2004; 9(1), 79-86.

고병수, Choi,Yong-Rak and 박영신. "A design of Secure Audit / Trace Module to Support Computer Forensics" Journal of The Korea Society of Computer and Information 9, no.1 (2004) : 79-86.

고병수; Choi,Yong-Rak; 박영신. A design of Secure Audit / Trace Module to Support Computer Forensics. Journal of The Korea Society of Computer and Information, 9(1), 79-86.

고병수; Choi,Yong-Rak; 박영신. A design of Secure Audit / Trace Module to Support Computer Forensics. Journal of The Korea Society of Computer and Information. 2004; 9(1) 79-86.

고병수, Choi,Yong-Rak, 박영신. A design of Secure Audit / Trace Module to Support Computer Forensics. 2004; 9(1), 79-86.

고병수, Choi,Yong-Rak and 박영신. "A design of Secure Audit / Trace Module to Support Computer Forensics" Journal of The Korea Society of Computer and Information 9, no.1 (2004) : 79-86.