Dear Linux Audit Team,

My team and I would like to share with you some recent research results that we hope will be interesting to you. In a nutshell, we designed a kernel-based tamper-evident logging system and implemented a proof of concept of it on top of Linux Audit.

Would you be interested in the possibility of incorporating our system in the upstream version of Linux Audit? We envision a small extension to Linux Audit that would allow users to enable integrity protection for the logs if desired.

For reference, this <https://rp8.web.engr.illinois.edu/papers/kennyloggings-ccs2020.pdf> is our paper and this <https://bitbucket.org/sts-lab/kennyloggings/> is our proof-of-concept implementation.

Thanks very much in advance and best regards,
Riccardo

--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
