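% Conference paper (SAM'05) on unifying application-level logs in a consistent
% format at centralized locations for intrusion detection, per its abstract.
% Normalisations applied to the exported record:
%   - all author names use the unambiguous "Last, First" form;
%   - the series field, which repeated booktitle verbatim, is omitted so the
%     proceedings title is not printed twice;
%   - the conference acronym is brace-protected against style recasing;
%   - the conference dates in note are written unambiguously.
% The abstract is kept verbatim as published.
@inproceedings{6061db2798f843748351389a670e3ab2,
  author    = {Shaikh, Riaz A. and Rajput, Saeed and Zaidi, S. M. H. and Sharif, Kashif},
  title     = {Enterprise wide centralized logging mechanism for application level intrusion detection},
  booktitle = {Proceedings of The 2005 International Conference on Security and Management, {SAM'05}},
  pages     = {144--148},
  year      = {2005},
  isbn      = {1932415823},
  language  = {English},
  keywords  = {Enterprise, IDMEF, Intrusion detection, Logging mechanism},
  abstract  = {Due to increase in occurrences of intrusion events, organizations are now moving towards implementation of various types of monitoring systems to detect and prevent IT security breaches. For that purpose, different techniques have been used. Logging is one of such technique. Typical enterprise consists of firewalls, intrusion detection systems, operating systems, legacy applications etc, where each element uses its own conventions and formats of logs. It increases the complexity in comprehensive analysis of logs to generate real time alerts and it also increases time to conduct forensic analysis. In this paper we have presented the concept of application level unification of logs in a consistent format at centralized locations to detect and prevent real time or near real time intrusions in a cost effective manner.},
  note      = {2005 International Conference on Security and Management, {SAM'05}; conference date: 20--23 June 2005},
}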