Provided by: TechnoMaster Co. Ltd.
Date Added: May 2009
In this paper, the authors describe a forensic logging system that collects fine-grained trace evidence from target servers and networks. To make the forensic logging system more reliable and efficient, they developed a hardened TCSEC-B1 level secure operating system and a dedicated network processor that collects network traffic. The system is also capable of defending servers from malicious attacks, and it allows system security managers to obtain forensic evidence from the forensic logging system when the target system is attacked from the internet.