Towards Automated Logging for Forensic-Ready Software Systems
| Field | Value |
|---|---|
| Title: | Towards Automated Logging for Forensic-Ready Software Systems |
| Authors: | Rivera-Ortiz, Fanny; Pasquale, Liliana |
| Permanent link: | http://hdl.handle.net/10197/11551 |
| Date: | 27-Sep-2019 |
| Online since: | 2020-09-08T14:37:36Z |
| Abstract: | Security incidents can arise from the misuse of existing software systems. Thus, appropriate logging mechanisms should be implemented at the software level to support the detection and investigation of security incidents. However, due to insufficient logging, security incidents often go undetected for long periods. Moreover, even after a security incident is detected, there is not enough information to fully reconstruct how an incident occurred. Insufficient logging may be due to the limited security expertise of software developers, who may not know what are the most critical security incidents. Also, for large software systems and a multitude of potential misuse scenarios, it is cumbersome to identify when and what logging instructions should be implemented. In this paper, we propose a preliminary idea to automate the development of "forensic-ready" software systems. These systems can log a minimum amount of relevant data that can be used to detect and investigate potential security incidents. Our approach allows a security engineer to elicit a set of potential software misuse scenarios, expressed as annotated sequence diagrams. These diagrams are then used—together with a control flow graph of the software system—to identify the exact location where logging instructions should be placed and the information they should log. Finally, logging instructions can be injected into designated software system locations using Aspect-Oriented Programming. We illustrate our approach using an example of software misuse in a human resources management software system. |
| Funding Details: | Science Foundation Ireland |
| Type of material: | Conference Publication |
| Publisher: | IEEE |
| Copyright (published version): | 2019 IEEE |
| Keywords: | Bioengineering; Forensic readiness; Forensic-ready software systems; Logging; Logging in software systems; Digital forensics |
| DOI: | 10.1109/rew.2019.00033 |
| Other versions: | http://re19.ajou.ac.kr/ |
| Language: | en |
| Status of Item: | Peer reviewed |
| Is part of: | 2019 IEEE 27th International Requirements Engineering Conference Workshops: Proceedings |
| Conference Details: | The 27th IEEE International Requirements Engineering Conference, Jeju Island, South Korea, 23-27 September 2019 |
| Appears in Collections: | Computer Science Research Collection |
This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.