Please use this identifier to cite or link to this item: https://www.um.edu.mt/library/oar/handle/123456789/119053
Full metadata record
DC FieldValueLanguage
dc.contributor.authorBellizzi, Jennifer-
dc.contributor.authorVella, Mark-
dc.contributor.authorColombo, Christian-
dc.contributor.authorHernandez-Castro, Julio-
dc.date.accessioned2024-02-23T16:46:31Z-
dc.date.available2024-02-23T16:46:31Z-
dc.date.issued2023-
dc.identifier.citationBellizzi, J., Vella, M., Colombo, C., & Hernandez-Castro, J. C. (2023). Using Infrastructure-Based Agents to Enhance Forensic Logging of Third-Party Applications. 9th International Conference on Information Systems Security and Privacy (ICISSP), Lisbon. 389-401.en_GB
dc.identifier.urihttps://www.um.edu.mt/library/oar/handle/123456789/119053-
dc.description.abstractLogs are the primary data source forensic analysts use to diagnose and investigate attacks on deployed applications. Since the default logs may not include all application events required during an investigation, application-specific forensic logging agents are used to forensically enhance third-party applications postdeployment and ensure that any critical events are logged. However, developing such application-specific agents is impractical as this relies on application-specific knowledge requiring significant code comprehension efforts. Furthermore, the resulting forensic logging agents are likely to break compatibility between application versions and across applications; thus, requiring the time-consuming process of agent re-development much more frequently. We propose a more practical approach to developing forensic logging agents that leverages commonly-used underlying infrastructure, which is more stable across application versions and common across different applications. We evaluate our approach in the context of enhanced logging of Android messaging apps. Our results show that this approach can be used to develop logging agents that work across multiple apps while preserving the accuracy of the logs generated, thus mitigating the challenges associated with forensically enhancing third-party applications.en_GB
dc.language.isoenen_GB
dc.rightsinfo:eu-repo/semantics/restrictedAccessen_GB
dc.subjectApplication softwareen_GB
dc.subjectRemote sensingen_GB
dc.subjectComputer communication systemsen_GB
dc.subjectAndroid (Electronic resource)en_GB
dc.subjectOperating systems (Computers) -- Security measuresen_GB
dc.subjectMobile computing -- Security measuresen_GB
dc.subjectSmartphones -- Security measuresen_GB
dc.titleUsing infrastructure-based agents to enhance forensic logging of third-party applicationsen_GB
dc.typeconferenceObjecten_GB
dc.rights.holderThe copyright of this work belongs to the author(s)/publisher. The rights of this work are as defined by the appropriate Copyright Legislation or as modified by any successive legislation. Users may access this work and can make use of the information contained in accordance with the Copyright Legislation provided that the author must be properly acknowledged. Further distribution or reproduction in any format is prohibited without the prior permission of the copyright holderen_GB
dc.bibliographicCitation.conferencename9th International Conference on Information Systems Security and Privacy (ICISSP)en_GB
dc.bibliographicCitation.conferenceplaceLisbon, Portugal. 22-24/02/2023.en_GB
dc.description.reviewedpeer-revieweden_GB
dc.identifier.doi10.5220/0011634700003405-
Appears in Collections:Scholarly Works - FacICTCS

Files in This Item:
File Description SizeFormat 
Using_infrastructure_based_agents_to_enhance_forensic_logging_of_third_party_applications.pdf
  Restricted Access
294.19 kBAdobe PDFView/Open Request a copy


Items in OAR@UM are protected by copyright, with all rights reserved, unless otherwise indicated.