Design and implementation of a secure and searchable audit logging system

2007
İncebacak, Davut
Logs are append-only, time-stamped records that represent events in computers or network devices. Today, logging is a central service in many real-world networking applications; however, it is a big challenge to satisfy the conflicting requirements that arise when the security of log records is a concern. On the one hand, because they are mostly kept on untrusted hosts, logs must be protected against unauthorized modification and privacy breaches. On the other hand, as the primary evidence for digital crimes, logs are often needed for analysis by investigators. In this thesis, motivated by these requirements, we define a model that integrates forward integrity techniques with search capabilities over encrypted logs. We also implement this model with advanced cryptographic primitives such as Identity Based Encryption. On the one side, our model provides secure delegation of search capabilities to authorized users while protecting information privacy; on the other, these search capabilities set the boundaries of a user's search operation. In this way, a user cannot access logs that are not related to his case. In this dissertation, we also propose an improvement to Schneier and Kelsey's idea of a forward integrity mechanism.

Citation Formats
D. İncebacak, “Design and implementation of a secure and searchable audit logging system,” M.S. - Master of Science, Middle East Technical University, 2007.