Analyzing audit trails in the Aeolus security platform
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2011. === Cataloged from PDF version of thesis. === Includes bibliographical references (p. 71-73). === This thesis presents the design and implementation of an analysis system for audit tr...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | English |
| Published: |
Massachusetts Institute of Technology
2011
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/1721.1/66409 |
| id |
ndltd-MIT-oai-dspace.mit.edu-1721.1-66409 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-MIT-oai-dspace.mit.edu-1721.1-664092019-05-02T16:14:09Z Analyzing audit trails in the Aeolus security platform Analyzing audit trails in the Aeolus Blankstein, Aaron (Aaron M.) Barbara H. Liskov. Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. Electrical Engineering and Computer Science. Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2011. Cataloged from PDF version of thesis. Includes bibliographical references (p. 71-73). This thesis presents the design and implementation of an analysis system for audit trails generated by Aeolus, a distributed security platform based on information flow control. Previous work focused on collecting these audit trails in the form of event logs. This thesis presents a model for representing these events and a system for analyzing them. In addition to allowing users to issue SQL queries over the audit log, this analysis system provides mechanisms for active monitoring of events. This thesis introduces a new model for event monitoring called watchers. These watchers receive updates about events from a watcher manager. This manager allows watchers to specify filters and rules for dynamically modifying those filters. My results show that this analysis system can efficiently process large event logs and manage large sets of queries. by Aaron Blankstein. M.Eng. 2011-10-17T21:22:48Z 2011-10-17T21:22:48Z 2011 2011 Thesis http://hdl.handle.net/1721.1/66409 755089245 eng M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582 73 p. application/pdf Massachusetts Institute of Technology |
| collection |
NDLTD |
| language |
English |
| format |
Others
|
| sources |
NDLTD |
| topic |
Electrical Engineering and Computer Science. |
| spellingShingle |
Electrical Engineering and Computer Science. Blankstein, Aaron (Aaron M.) Analyzing audit trails in the Aeolus security platform |
| description |
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2011. === Cataloged from PDF version of thesis. === Includes bibliographical references (p. 71-73). === This thesis presents the design and implementation of an analysis system for audit trails generated by Aeolus, a distributed security platform based on information flow control. Previous work focused on collecting these audit trails in the form of event logs. This thesis presents a model for representing these events and a system for analyzing them. In addition to allowing users to issue SQL queries over the audit log, this analysis system provides mechanisms for active monitoring of events. This thesis introduces a new model for event monitoring called watchers. These watchers receive updates about events from a watcher manager. This manager allows watchers to specify filters and rules for dynamically modifying those filters. My results show that this analysis system can efficiently process large event logs and manage large sets of queries. === by Aaron Blankstein. === M.Eng. |
| author2 |
Barbara H. Liskov. |
| author_facet |
Barbara H. Liskov. Blankstein, Aaron (Aaron M.) |
| author |
Blankstein, Aaron (Aaron M.) |
| author_sort |
Blankstein, Aaron (Aaron M.) |
| title |
Analyzing audit trails in the Aeolus security platform |
| title_short |
Analyzing audit trails in the Aeolus security platform |
| title_full |
Analyzing audit trails in the Aeolus security platform |
| title_fullStr |
Analyzing audit trails in the Aeolus security platform |
| title_full_unstemmed |
Analyzing audit trails in the Aeolus security platform |
| title_sort |
analyzing audit trails in the aeolus security platform |
| publisher |
Massachusetts Institute of Technology |
| publishDate |
2011 |
| url |
http://hdl.handle.net/1721.1/66409 |
| work_keys_str_mv |
AT blanksteinaaronaaronm analyzingaudittrailsintheaeolussecurityplatform AT blanksteinaaronaaronm analyzingaudittrailsintheaeolus |
| _version_ |
1719037009463345152 |