Paper

Authors: Jennifer Bellizzi 1 ; Mark Vella 1 ; Christian Colombo 1 and Julio Hernandez-Castro 2

Affiliations: 1 Department of Computer Science, University of Malta, Msida, Malta ; 2 School of Computing, Cornwallis South, University of Kent, Canterbury, U.K.

Keyword(s): Enhanced Forensic Logging, Deeper Endpoint Visibility, Digital Forensics, Android Security.

Abstract: Logs are the primary data source forensic analysts use to diagnose and investigate attacks on deployed applications. Since the default logs may not include all application events required during an investigation, application-specific forensic logging agents are used to forensically enhance third-party applications post-deployment and ensure that any critical events are logged. However, developing such application-specific agents is impractical as this relies on application-specific knowledge requiring significant code comprehension efforts. Furthermore, the resulting forensic logging agents are likely to break compatibility between application versions and across applications; thus, requiring the time-consuming process of agent re-development much more frequently. We propose a more practical approach to developing forensic logging agents that leverages commonly-used underlying infrastructure, which is more stable across application versions and common across different applications. We evaluate our approach in the context of enhanced logging of Android messaging apps. Our results show that this approach can be used to develop logging agents that work across multiple apps while preserving the accuracy of the logs generated, thus mitigating the challenges associated with forensically enhancing third-party applications.

CC BY-NC-ND 4.0

Paper citation in several formats:
Bellizzi, J.; Vella, M.; Colombo, C. and Hernandez-Castro, J. (2023). Using Infrastructure-Based Agents to Enhance Forensic Logging of Third-Party Applications. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-624-8; ISSN 2184-4356, SciTePress, pages 389-401. DOI: 10.5220/0011634700003405

@conference{icissp23,
author={Jennifer Bellizzi and Mark Vella and Christian Colombo and Julio Hernandez{-}Castro},
title={Using Infrastructure-Based Agents to Enhance Forensic Logging of Third-Party Applications},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP},
year={2023},
pages={389-401},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011634700003405},
isbn={978-989-758-624-8},
issn={2184-4356},
}

TY - CONF
JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP
TI - Using Infrastructure-Based Agents to Enhance Forensic Logging of Third-Party Applications
SN - 978-989-758-624-8
IS - 2184-4356
AU - Bellizzi, J.
AU - Vella, M.
AU - Colombo, C.
AU - Hernandez-Castro, J.
PY - 2023
SP - 389
EP - 401
DO - 10.5220/0011634700003405
PB - SciTePress