SAINT-ly Protection of Computer Systems
Diego Zamboni - CERIAS
Sep 13, 1996
Abstract
One problem with Unix systems and security tools currently in use is that they generate several different log files, in different formats and different places. It's up to the administrator to read them all, and it's often difficult to do this in a consistent fashion. Furthermore, there may be entries in these log files that, by themselves, aren't very significant, but that when associated with entries in other log files, could point to possible problems.
This talk presents the design of SAINT, a tool being developed at the National Autonomous University of Mexico that will allow integrated analysis of information gathered from various sources, such as security tools and system logs. By simulating events that occur in the systems and are collected from the different sources, SAINT will allow detection, or even prevention, of problems that may otherwise go undetected due to lack of information about them in any single place. SAINT's modular and extensible architecture makes it feasible to add new modules for processing new data types, detecting new kinds of problems, or presenting the results in different formats.