Asax: Software architecture and rule-based language for universal audit trail analysis

Naji Habra, Baudouin Le Charlier, Abdelaziz Mounji, Isabelle Mathieu

    Research output: Contribution in a book/catalogue/report/conference proceedings › Article in conference/symposium proceedings

    Abstract

    After a brief survey of the problems related to audit trail analysis and of some approaches to deal with them, the paper outlines the project ASAX which aims at providing an advanced tool to support such analysis. One key feature of ASAX is its elegant architecture built on top of a universal analysis tool allowing any audit trail to be analysed after a straight format adaptation. Another key feature of the project ASAX is the language RUSSEL used to express queries on audit trails. RUSSEL is a rule-based language which is tailor-made for the analysis of sequential files in one and only one pass. The conception of RUSSEL makes a good compromise with respect to the needed efficiency on the one hand and to the suitable declarative look on the other hand. The language is illustrated by examples of rules for the detection of some representative classical security breaches.

    Original language: English
    Title: Computer Security - ESORICS 1992 - 2nd European Symposium on Research in Computer Security, Proceedings
    Editors: Jean-Jacques Quisquater, Gerard Eizenberg, Yves Deswarte
    Publisher: Springer Verlag
    Pages: 435-450
    Number of pages: 16
    ISBN (print): 9783540562467
    Status: Published - 1 Jan 1992
    Event: 2nd European Symposium on Research in Computer Security, ESORICS 1992 - Toulouse, France
    Duration: 23 Nov 1992 to 25 Nov 1992

    Publication series

    Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Volume: 648 LNCS
    ISSN (print): 0302-9743
    ISSN (electronic): 1611-3349

    Conference

    Conference: 2nd European Symposium on Research in Computer Security, ESORICS 1992
    Country: France
    City: Toulouse
    Period: 23/11/92 to 25/11/92

    Cite this

    Habra, N., Le Charlier, B., Mounji, A., & Mathieu, I. (1992). Asax: Software architecture and rule-based language for universal audit trail analysis. In J-J. Quisquater, G. Eizenberg, & Y. Deswarte (eds.), Computer Security - ESORICS 1992 - 2nd European Symposium on Research in Computer Security, Proceedings (pp. 435-450). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 648 LNCS). Springer Verlag.