SAINT-ly Protection of Computer Systems


Diego Zamboni - CERIAS

Sep 13, 1996

Abstract

One problem with Unix systems and security tools currently in use is that they generate several different log files, in different formats and different places. It's up to the administrator to read them all, and it's often difficult to do this in a consistent fashion. Furthermore, there may be entries in these log files that, by themselves, aren't very significant, but that when associated with entries in other log files, could point to possible problems.

This talk presents the design of SAINT, a tool being developed at the National Autonomous University of Mexico that will allow integrated analysis of information gathered from various sources, such as security tools and system logs. By simulating the events that occur in the systems, as collected from the different sources, SAINT will allow detection, or even prevention, of problems that might otherwise go undetected because no single place holds enough information about them. SAINT's modular and extensible architecture makes it feasible to add new modules for processing new data types, detecting new kinds of problems, or presenting the results in different formats.
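The kind of cross-log correlation described above, as an added example that is not SAINT's code or design: two constructed log formats are normalized by per-source parsers into common events, and a rule flags a sequence that neither file shows on its own. The log formats, the `PARSERS` registry, the rule and its thresholds are all assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample input: two sources in two different formats (not real logs).
AUTH_LOG = """\
Sep 13 04:10:01 hostA login: FAILED LOGIN from 10.0.0.5 for alice
Sep 13 04:10:09 hostA login: FAILED LOGIN from 10.0.0.5 for alice
Sep 13 04:10:15 hostA login: FAILED LOGIN from 10.0.0.5 for alice
Sep 13 04:10:30 hostA login: LOGIN from 10.0.0.5 for alice
Sep 13 09:00:00 hostA login: LOGIN from 10.0.0.9 for bob
"""
SU_LOG = """\
SU 09/13 04:12 + ttyp1 alice-root
SU 09/13 09:30 - ttyp2 bob-root
"""
YEAR = 1996  # assumption: neither constructed format records the year

def parse_auth(text):
    pat = re.compile(r"(\w{3} +\d+ [\d:]{8}) \S+ login: (FAILED )?LOGIN from (\S+) for (\S+)")
    for m in pat.finditer(text):
        ts = datetime.strptime(f"{YEAR} {m[1]}", "%Y %b %d %H:%M:%S")
        yield (ts, "login_fail" if m[2] else "login_ok", m[4], m[3])

def parse_su(text):
    pat = re.compile(r"SU (\d\d/\d\d \d\d:\d\d) ([+-]) \S+ (\w+)-(\w+)")
    for m in pat.finditer(text):
        ts = datetime.strptime(f"{YEAR}/{m[1]}", "%Y/%m/%d %H:%M")
        yield (ts, "su_ok" if m[2] == "+" else "su_fail", m[3], m[4])

# Hypothetical registry: supporting a new data source means adding one parser here.
PARSERS = {"auth": parse_auth, "su": parse_su}

def correlate(sources, window=timedelta(minutes=10), min_fails=3):
    """Flag: repeated failed logins, then a success, then su to root, all within `window`."""
    events = sorted(e for name, text in sources.items() for e in PARSERS[name](text))
    alerts, fails, suspect = [], {}, {}
    for ts, kind, user, detail in events:
        if kind == "login_fail":
            fails.setdefault(user, []).append(ts)
        elif kind == "login_ok":
            recent = [t for t in fails.pop(user, []) if ts - t <= window]
            if len(recent) >= min_fails:
                suspect[user] = ts  # a success right after a burst of failures
        elif kind == "su_ok" and detail == "root":
            if user in suspect and ts - suspect[user] <= window:
                alerts.append((user, ts))
    return alerts

if __name__ == "__main__":
    print(correlate({"auth": AUTH_LOG, "su": SU_LOG}))
```

Run against either file alone, the rule reports nothing; the alert appears only when both sources are merged into one timeline.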



Unless otherwise noted, the security seminar is held on Wednesdays at 4:30 P.M. STEW G52, West Lafayette Campus.

© 1999-2013 Purdue University. All rights reserved.

Use/Reuse Guidelines

CERIAS Seminar materials are intended for educational, non-commercial use only and any or all commercial use is prohibited. Any use must attribute "The CERIAS Seminar at Purdue University." Opinions expressed in the recordings are not necessarily representative of the views of CERIAS or of Purdue University.