| 基于Windows日志的安全审计技术研究 |
| |
| 引用本文: | 宁兴旺,刘培玉,孔祥霞.基于Windows日志的安全审计技术研究[J].山东科学,2009,22(1):40-45. |
| |
| 作者姓名: | 宁兴旺 刘培玉 孔祥霞 |
| |
| 作者单位: | 山东师范大学信息科学与工程学院,山东,济南,250014 |
| |
| 摘 要: | 事件日志记录着操作系统或应用程序中重要的事件。通过对日志进行分析,发现所需事件信息和规律是安全审计的根本目的。文章讨论了对Windows系统日志文件进行集中式统一管理,采用API钩子技术实现Windows下的审计数据的获取,并通过对Windows日志的分析给出了一种基于主机日志分析的安全审计通用模型。
|
| 关 键 词: | 主机日志 安全审计 计算机安全 |
Research on Windows Log Based Security Audit Technology |
| |
| Ning Xing-wang,LIU Pei-yu,KONG Xiang-xia.Research on Windows Log Based Security Audit Technology[J].Shandong Science,2009,22(1):40-45. |
| |
| Authors: | Ning Xing-wang LIU Pei-yu KONG Xiang-xia |
| |
| Institution: | ( School of Information Science and Engineering, Shandong Normal University, Jinan 250014, China ) |
| |
| Abstract: | An event log records some important events of an operating system or an application procedure.It is the primary purpose of a security audit to discover the required information and rules of an event by the analysis of a log.This paper discusses the central and global managment of windows system log files,employs such a techanology as API hook to acquire the audit data of windows system,and presents a host log analysis based security audit universal model by the analysis of a windows log. |
| |
| Keywords: | host log security audit computer security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
