Auditing overhead, auditing adaptation, and benchmark evaluation in Linux. Issue 18 (4th June 2015)
- Record Type:
- Journal Article
- Title:
- Auditing overhead, auditing adaptation, and benchmark evaluation in Linux. Issue 18 (4th June 2015)
- Main Title:
- Auditing overhead, auditing adaptation, and benchmark evaluation in Linux
- Authors:
- Zeng, Lei
Xiao, Yang
Chen, Hui
- Abstract:
- Logging is a critical component of Linux auditing. However, our experiments indicate that the logging overhead can be significant. The paper aims to leverage the performance overhead introduced by Linux audit framework under various usage patterns. The study on the problem leads to an adaptive audit‐logging mechanism. Many security incidents or other important events are often accompanied with precursory events. We identify important precursory events – the vital signs of system activity and the audit events that must be recorded. We then design an adaptive auditing mechanism that increases or reduces the type of events collected and the frequency of events collected based upon the online analysis of the vital‐sign events. The adaptive auditing mechanism reduces the overall system overhead and achieves a similar level of protection on the system and network security. We further adopt LMbench to evaluate the performance of key operations in Linux with compliance to four security standards. Copyright © 2015 John Wiley & Sons, Ltd.
- Is Part Of:
- Security and communication networks. Volume 8:Issue 18(2015)
- Journal:
- Security and communication networks
- Issue:
- Volume 8:Issue 18(2015)
- Issue Display:
- Volume 8, Issue 18 (2015)
- Year:
- 2015
- Volume:
- 8
- Issue:
- 18
- Issue Sort Value:
- 2015-0008-0018-0000
- Page Start:
- 3523
- Page End:
- 3534
- Publication Date:
- 2015-06-04
- Subjects:
- logging -- overhead -- Linux -- auditing
Computer networks -- Security measures -- Periodicals
Computer security -- Periodicals
Cryptography -- Periodicals
005.805
- Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1939-0122
https://www.hindawi.com/journals/scn/
http://onlinelibrary.wiley.com/
- DOI:
- 10.1002/sec.1277
- Languages:
- English
- ISSNs:
- 1939-0114
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 10958.xml