Toward a Normative Approach for Forensicability: Extended Abstract
| Title | Toward a Normative Approach for Forensicability: Extended Abstract |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Ozgur Kafali, Munindar P. Singh, Laurie Williams |
| Conference Name | Proceedings of the International Symposium and Bootcamp on the Science of Security (HotSoS) |
| Date Published | 04/2016 |
| Publisher | ACM |
| Conference Location | Pittsburgh |
| ISBN Number | 978-1-4503-4277-3/16/04 |
| Keywords | Forensic logging, requirements, security, social norms, sociotechnical systems |
| Abstract | Sociotechnical systems (STSs), where users interact with software components, support automated logging, i.e., what a user has performed in the system. However, most systems do not implement automated processes for inspecting the logs when a misuse happens. Deciding what needs to be logged is crucial as excessive amounts of logs might be overwhelming for human analysts to inspect. The goal of this research is to aid software practitioners to implement automated forensic logging by providing a systematic method of using attackers' malicious intentions to decide what needs to be logged. We propose Lokma: a normative framework to construct logging rules for forensic knowledge. We describe the general forensic process of Lokma, and discuss related directions. |
| Citation Key | HotSoS-16:Lokma |
| Refereed Designation | Refereed |