IEEE TrustCom 2019: Best Forensics and Analytics Track Paper Award

Symbolic picture for the article. The link opens the image in a large view.

During the this year’s IEEE TrustCom 2019 in Rotorua, New Zealand, the paper “Characterizing the Limitations of Forensic Event Reconstruction Based on Log Files” by Tobias Latzo and Felix Freiling received the Best Paper Award in the Forensics and Analytics Track. The paper presents the limitations on event reconstruction using common Linux logs. For this purpose, the authors calculated characteristic fingerprints using various log messages and also system call traces. It turned out that system call traces are beneficial for many characteristic fingerprint calculations, especially those events that are performed by an insider attacker.