The Research on Security Audit for Information System Classified Protection

  • Conference paper
Cloud Computing and Security (ICCCS 2018)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 11064)

  • 1934 Accesses

Abstract

In the first part of this article, we introduce the security problem and the shortcomings of today's widely used security tools to explain why a Security Audit System is needed. The second part introduces what a Security Audit System is. The third part introduces the techniques related to Security Audit. The fourth part analyses some methods for implementing a Security Audit System. The last part discusses some essential points to consider when implementing a Security Audit System.


Acknowledgment

This paper is supported by the National Natural Science Foundation of China under Grant No. 61572153 and the National Key Research and Development Plan (Grant No. 2018YFB0803504).

Author information

Corresponding author

Correspondence to Hui Lu.

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Cite this paper

Lu, H., Cui, X., Wang, L., Jiang, Y., Cui, M. (2018). The Research on Security Audit for Information System Classified Protection. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science, vol 11064. Springer, Cham. https://doi.org/10.1007/978-3-030-00009-7_28

  • DOI: https://doi.org/10.1007/978-3-030-00009-7_28

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-00008-0

  • Online ISBN: 978-3-030-00009-7

  • eBook Packages: Computer Science (R0)
