• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.4
• /
• pp.39-45
• /
• 2011

Application log files contain error messages; operational data and usage information that can help manage applications and servers. Log analysis system is software that read and parse log files, extract and aggregate information in order to generate reports on the application. In currently, the importance of log files of firewalls is growing bigger and bigger for the forensics of cyber crimes and the establishment of security policy. In this paper, we designed and implemented the SILAS(SysLog-based Integrated Log mAanagement System) in distribute network environments. It help to generate reports on the the log fires of firewalls - IP and users, and statistics of application usage.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.1030-1032
• /
• 2011

주요 ISP(Internet Service Provider)와 금융기관 및 공공기관에서는 로그 분석에 대한 관심도가 높아지고 있다. 보안사고 발생시 원인 규명을 위한 근거자료와 재발방지를 위한 정보를 제공하고, 이를 기반으로 정보보호시스템 관리자에게 다양한 보안정책을 수립할 수 있는 기반자료로 활용 로그정보의 수집과 대용량의 로그정보를 백업할 수 있는 통합로그수집/백업시스템의 필요성이 절실히 요구되고 있다. 이에 본 논문에서는 로그메시지를 처리하기 위해서 제공하는 표준 인터페이스 중 하나인 SysLog를 기반으로 이종의 침입차단시스템의 로그를 통합관리하는 시스템을 설계 구현하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.11
• /
• pp.2577-2596
• /
• 2013

In this paper, we present an Energy-Aware Self-Stabilizing Distributed Clustering protocol based on message-passing model for Ad Hoc networks. The latter does not require any initialization. Starting from an arbitrary configuration, the network converges to a stable state in a finite time. Our contribution is twofold. We firstly give the formal proof that the stabilization is reached after at most n+2 transitions and requires at most $n{\times}log(2n+{\kappa}+3)$ memory space, where n is the number of network nodes and ${\kappa}$ represents the maximum hops number in the clusters. Furthermore, using the OMNeT++ simulator, we perform an evaluation of our approach. Secondly, we propose an adaptation of our solution in the context of Wireless Sensor Networks (WSNs) with energy constraint. We notably show that our protocol can be easily used for constructing clusters according to multiple criteria in the election of cluster-heads, such as nodes' identity, residual energy or degree. We give a comparison under the different election metrics by evaluating their communication cost and energy consumption. Simulation results show that in terms of number of exchanged messages and energy consumption, it is better to use the Highest-ID metric for electing CHs.

• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.37-45
• /
• 2015

In IT system, logs are an indicator of the previous key events. Therefore, when a security problem occurs in the system, logs are used to find evidence and solution to the problem. So, it is important to ensure the integrity of the stored logs. Existing schemes have been proposed to detect tampering of the stored logs after the key has been exp osed. Existing schemes are designed separately in terms of log transmission and storage. We propose a new log sys tem for integrating log transmission with storage. In addition, we prove the security requirements of the proposed sc heme and computational efficiency with existing schemes.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.85-96
• /
• 2015

In IT system, logs are an indicator of the previous key events. Therefore, when a security problem occurs in the system, logs are used to find evidence and solution to the problem. So, it is important to ensure the integrity of the stored logs. Existing schemes have been proposed to detect tampering of the stored logs after the key has been exp osed. Existing schemes are designed separately in terms of log transmission and storage. We propose a new log sys tem for integrating log transmission with storage. In addition, we prove the security requirements of the proposed sc heme and computational efficiency with existing schemes.