%0 Journal Article
%T An Enhanced Security Auditing Mechanism for Linux
一种增强的Linux系统安全审计机制
%A XU Hui
%A PAN Ai-min
%A
徐辉
%A 潘爱民
%J 计算机应用研究
%D 2004
%I
%X An enhanced security auditing mechanism for Linux is proposed.This mechanism is based on loadable kernel mo-(dule) and provides system level and application level auditing functions.System audit generates an audit record for every security sensitive system call.Application level audit abandons the traditional auditing fashion that auditing system completely depends on applications writing log file in user space.Instead,applications and system kernel will generate audit record coordinately.Examples are given for intrusion detection with this mechanism.
%K Audit
%K System Audit
%K Application Level Audit
%K Audit Record
%K Loadable Kernel Module
%K Intrusion Detection
审计
%K 系统审计
%K 应用层审计
%K 审计记录
%K 可装载内核模块
%K 入侵检测
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=A9D9BE08CDC44144BE8B5685705D3AED&aid=87F0B253106261F2&yid=D0E58B75BFD8E51C&vid=659D3B06EBF534A7&iid=708DD6B15D2464E8&sid=2DBBF45CC176713E&eid=D59111839E7C8BDF&journal_id=1001-3695&journal_name=计算机应用研究&referenced_num=0&reference_num=9