Techniques and Limitations in Securing the Log Files to Enhance Network Security and Monitoring
With the growing threat of cyberattacks, the demand for recording the audit trails or events in the system and networks is also increasing. Log file is one such mechanism which contains automatically produced and time stamped documentation of every event that occurs in a system or a network. It is a means to detect and protect a system from unauthorized access. Log files monitoring which oversees network activities, store user actions, inspect events that occur in the system can help in maintaining the network security and integrity. But hacking also evolved over time and there are more experienced hackers who can intrude over the log files and modify the contents, disable the auditing, clear logs and even erase the command history thereby keeping the user unknown about the intrusion that occurred in their system. With this, there arise the need for securing the log files. There are many techniques to secure these log files from unauthorized access. This paper focuses on the some of the techniques used to secure the log files which are ranging from most simple to a more advanced. It also focuses on the limitations of the techniques with which user can decide on which technique to apply to his system based on his requirement.