| Log preprocessing is one of the important procedure of the log audit system, the original logs gathered by system may be tampered with by invader before gathering, that will cause some mistake on audit result, so it is necessary to protect the security of original logs, and verify the integrity of those logs. Now the logs of different equipments have various formats, and the contents are miscellaneous and complicated, it is hard to read and analysis those logs, therefore, it is important to make rues to unify the formats of the various logs. The papers did some researches on key technologies of security protection and formats unifications of logs in preprocessing.Firstly, in some aspects of security protection, based on the MAC encryption protection, the papers proposed the asymmetric encryption protection of the logs, to keep the logs of audit system more secure. Secondly, combined with the characteristics of various formats of logs, defined XML Schema documents, then developed the appropriate rules, and convertd the original formats of logs into XML format according to those rules, and finally converted into the binary XML format. In the end, the papers implemented these two key technologies, and did some tests. Experiment results indicated that in the case of increasing a little system overhead time, the capacity of WBXML format logs can reduce to 20% of the original logs, thereby improving the efficiency of the log audit system greatly. |
PDF Full Text Request