Reconsidering data logging in light of digital forensics

Bin Hui Chou, Kenichi Takahashi, Yoshiaki Hori, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Logs record the events that have happened within in a system so they are considered the history of system activities. They are one of the objects that digital forensic investigators would like to examine when a security incident happens. However, logs were initially created for trouble shooting, and are not purposefully designed for digital forensics. Thus, enormous and redundant log data make analysis tasks complicated and time-consuming to find valuable information, and make logging-related techniques difficult utilized in some systems such as embedded systems. In this paper, we reconsider a data logging mechanism in terms of forensics and consequently, we propose purpose-based forensic logging. In purpose-based forensic logging, we only collect the required logs according to a specific purpose, which could decrease the space that logs occupy and may mitigate the analysis tasks during forensic investigations.

Original languageEnglish
Title of host publicationAdvances in Information Security and Its Application
Subtitle of host publicationThird International Conference, ISA 2009, Proceedings
PublisherSpringer Verlag
Number of pages8
ISBN (Print)9783642026324
Publication statusPublished - 2009

Publication series

NameCommunications in Computer and Information Science
ISSN (Print)1865-0929

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Mathematics(all)


Dive into the research topics of 'Reconsidering data logging in light of digital forensics'. Together they form a unique fingerprint.

Cite this