Computer operating system logging and security issues: a survey

Zeng, Lihua; Xiao, Yang; Chen, Hui; Sun, Bo; Han, Wenlin

doi:10.1002/sec.1677

Cited by 19 publications

(9 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Khan et al [75] focused on logs in the cloud computing environment and the logs were leveraged for identifying and preventing suspicious attacks. Zeng et al [155] studied the logging mechanisms and security issues in three computer operating systems. A recent publication [79] reviewed clustering based approaches in cyber security applications.…”

Section: Survey Methodologymentioning

confidence: 99%

A Survey on Automated Log Analysis for Reliability Engineering

Chen

et al. 2020

Preprint

View full text Add to dashboard Cite

Logs are semi-structured text generated by logging statements in software source code. In recent decades, software logs have become imperative in the reliability assurance mechanism of many software systems because they are often the only data available that record software runtime information. As modern software is evolving into a large scale, the volume of logs has increased rapidly. To enable effective and efficient usage of modern software logs in reliability engineering, a number of studies have been conducted on automated log analysis. This survey presents a detailed overview of automated log analysis research, including how to automate and assist the writing of logging statements, how to compress logs, how to parse logs into structured event templates, and how to employ logs to detect anomalies, predict failures, and facilitate diagnosis. Additionally, we survey work that releases open-source toolkits and datasets. Based on the discussion of the recent advances, we present several promising future directions toward real-world and next-generation automated log analysis.CCS Concepts: • Software and its engineering → Software maintenance tools; Software creation and management.

show abstract

Section: Survey Methodologymentioning

confidence: 99%

A Survey on Automated Log Analysis for Reliability Engineering

Chen

et al. 2020

Preprint

View full text Add to dashboard Cite

show abstract

“…Both the Linux and Windows kernels are designed differently and there is a large Windows application installed base and therefore it is of interest to know the comparative security strengths and weaknesses between the two. So far, most of the security analysis of the Windows and Linux operating systems were carried out several years ago and were considered out-dated [167], [153], [132], [9], [168].…”

Section: Future Research Directionsmentioning

confidence: 99%

Threat Modeling and Security Analysis of Containers: A Survey

Wong¹,

Chekole²,

Ochoa³

et al. 2021

Preprint

View full text Add to dashboard Cite

Traditionally, applications that are used in large and small enterprises were deployed on "bare metal" servers installed with operating systems. Recently, the use of multiple virtual machines (VMs) on the same physical server was adopted due to cost reduction and flexibility. Nowadays, containers have become popular for application deployment due to smaller footprints than the VMs, their ability to start and stop more quickly, and their capability to pack the application binaries and their dependencies/libraries in standalone units for seamless portability. A typical container ecosystem includes a code repository (e.g., GitHub) where the container images are built from the codes and libraries and then pushed to the image registry (e.g., Docker Hub) for subsequent deployment as application containers. However, the pervasive use of containers also leads to a wide-range of security breaches such as attackers stealing credentials, source codes and sensitive data from image registry and code repository, carrying out DoS attacks on application containers, and gaining root access to misuse the underlying host resources, among others. In this paper, we first perform threat modeling on the containers ecosystem using the popular threat modeling framework, called STRIDE. Using STRIDE, we identify the vulnerabilities in each system component, and investigate potential security threats and their consequences. Then, we conduct a comprehensive survey on the existing countermeasures designed against the identified threats and vulnerabilities in containers. In particular, we assess the strengths and weaknesses of the existing mitigation strategies designed against such threats. We believe that this work will help researchers and practitioners to gain a deeper understanding of the threat landscape in containers and the state-of-the-art countermeasures. We also discuss open research problems, the research gaps and future research directions in containers security, which may ignite further research to be done in this area.

show abstract

“…Prevention of Malice Software a 12 Media Processing and Security a 13 Operation Program and Duty a 14 Network Management a 15 Information and Software, Hardware Exchange a 21 Management of Network Access a 22 Management of User's Access a 23 Management of Application Access a 24 System Access and Monitoring of Usage a 31 Effect on Tangible Assets a 32 Effect on Intangible Assets…”

Section: Criteria Description Of the Criteriamentioning

confidence: 99%

“…Besides, many studies have researched the security of computer networks because of the emergence of a large number of cyber crimes, which are researched in many studies [9,10]. To combat cyber crimes vigorously, studies regarding computer forensics [11,12], virus prevention technologies [13], security visualization for computer network logs [14], intrusion detection [15], etc., have been performed in recent years. In addition, approaches of computer network security risk assessment are also of great significance to improve computer network security.…”

Section: Introductionmentioning

confidence: 99%

A Novel Network Security Risk Assessment Approach by Combining Subjective and Objective Weights under Uncertainty

et al. 2018

View full text Add to dashboard Cite

Nowadays, computer networks are playing a more and more important role in people's daily lives. Meanwhile, the security of computer networks has also attracted widespread concern. However, up to now, there is no universal and effective assessment approach for computer network security. Therefore, a novel network security risk assessment approach by combining subjective and objective weights under uncertainty is proposed. In the proposed evaluation approach, the uncertainty of evaluation data is taken into account, which is translated into objective weights through an uncertainty measure. By combining the subjective weights of evaluation criteria and the objective weights of evaluation data, the final weights can be obtained. Then, Dempster-Shafer (D-S) evidence theory and pignistic probability transformation (PPT) are employed to derive a consensus decision for the degree of the network security risk. Two illustrative examples are given to show the efficiency of the proposed approach. This approach of risk assessment, which combines subjective and objective weights, can not only effectively evaluate computer network security, but also be widely used in decision-making.

show abstract

Computer operating system logging and security issues: a survey

Abstract: Logging has become a fundamental feature within the modern computer operating systems because of the fact that logging may be used through a variety of applications and fashion, such as system tuning, auditing, and intrusion detection systems.

Cited by 19 publications

References 27 publications

A Survey on Automated Log Analysis for Reliability Engineering

A Survey on Automated Log Analysis for Reliability Engineering

Threat Modeling and Security Analysis of Containers: A Survey

A Novel Network Security Risk Assessment Approach by Combining Subjective and Objective Weights under Uncertainty

Contact Info

Product

Resources

About