Audit Trail Content and Format

Principal Investigators: Eugene Spafford, Mikhail Atallah

Research Assistants: K. Price, K. Nataraj, T. Tuglular

Sponsor: COAST Laboratory sponsors

Our purpose is to analyze audit trails to determine the format best suited to detecting computer intrusions and misuse. Here, format refers both to the data contained in the audit trails and to their structure. Most computer systems support some form of audit trail, but it seldom contains enough information, in the right format, to be useful to intrusion and misuse detection systems. The aim of this project is to develop a sound foundation for future system designers to use.