Towards more Trustable Log Files for Digital Forensics by Means of "Trusted Computing"

被引：14

作者：

Boeck, Benjamin

Huemer, David ^{[1
]}

Tjoa, A. Min ^{[1
]}

机构：

[1] Tech Univ, Software Technol & Interactive Syst, Yienna, Austria

来源：

2010 24TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS (AINA) | 2010年

关键词：

forensics; trust; log; logging; authentication; validation; tpm; trusted; computing; svm;

D O I：

10.1109/AINA.2010.26

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Trustable log data is essential in digital forensic investigations in order to allow reliable reconstruction of events. Existing solutions do not provide adequate protection, exposing the log-producing application to software-based attacks. In this paper we provide a solution based on Trusted Computing using a Trusted Platform Module (TPM) and AMD's Secure Virtual Machine technology (SVM). While current solutions only protect against manipulation of existing logs, we go one step further by establishing hardware-based trust in the log producing application. Our solution ensures confidentiality, integrity and non-repudiation during creation, storage and transmission of log data.

引用

页码：1020 / 1027

页数：8

共 2 条

[1] A Log-based Approach to Make Digital Forensics Easier on Cloud Computing
Sang, Ting
2013 THIRD INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEM DESIGN AND ENGINEERING APPLICATIONS (ISDEA), 2013, : 91 - 94
[2] The challenges of identifying and classifying child sexual exploitation material: Moving towards a more ecologically valid pilot study with digital forensics analysts
Kloess, Juliane A.
Woodhams, Jessica
Hamilton-Giachritsis, Catherine E.
CHILD ABUSE & NEGLECT, 2021, 118

← 1 →