incubator-alois-commits mailing list archives

From Apache Wiki <>
Subject [Alois Wiki] Update of "IMF2011" by UrsLerch
Date Tue, 11 Jan 2011 15:58:36 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Alois Wiki" for change notification.

The "IMF2011" page has been changed by UrsLerch.
The comment on this change is: added abstract and structure.


  ''[This is a working paper for the "6th International Conference on IT Security Incident
Management & IT Forensics", taking place in Stuttgart, Germany from May 10th to 12th,
2011. Deadline is on January 17th, 2011. Find the details for the RfP here:]''
+ = Apache ALOIS - A true open source plattform for computer forensics =
+ Urs Lerch & Marcus Holthaus
+ ''Abstract: ''Although computer forensics is foremost all about recovering, collecting and
analyzing data, there is, at least as far as we know, no central platform for all of this.
Sure, there exists a dozen of software tools, all good in their defined area. But when it
comes to integration to a whole, often incompatibility of data and the lack of interfaces
are severe problems. In our opinion, a good part of this problem lies in the nature of proprietary
software. Although Open Source Software is not the "holy grail" and doesn't deliver a solution
to this problem per se, a community driven development can help to overcome a great part of
these issues. Apache ALOIS is an open source tool, originally designed as SIEM (Security Information
and Event Management). But since its main tasks are collecting and analyzing data as well
as reporting, it could very well help as integration plattform for all collected data within
a computer forensics process.
+ == Introduction ==
+ == Open Source Software ==
+ == Apache ALOIS ==
+ Apache ALOIS is a log collection and correlation software with reporting  and alarming functionalities.
ALOIS stands for "Advanced Log Data  Insight System" and is meant to be a fully implemented
open source SIEM  security information and event management system. Since fall 2010 Apache
ALOIS is an effort undergoing incubation at The Apache Software Foundation (ASF). Incubation
is required of all newly accepted projects until a further review indicates that the infrastructure,
communications, and decision making process have stabilized in a manner consistent with other
successful ASF projects. While incubation status is not necessarily a reflection of the completeness
or stability of the code, it does indicate that the project has yet to be fully endorsed by
the ASF.
+ === The Apache Foundation ===
+ [A short description of the Apache Foundation]
+ === Apache ALOIS as a SIEM ===
+ [Apache ALOIS so far]
+ === Apache ALOIS as a platform for computer forensics ===
+ [Apache ALOIS vision]
+ == Conclusions ==
+ [...]
+ == References ==
+ [...]
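
Review bot: "plattform" in the new title line and again in the abstract's closing sentence ("integration plattform") is inconsistent with "platform", which the abstract's first sentence and the heading "Apache ALOIS as a platform for computer forensics" both use; suggest "platform" throughout. In the "Apache ALOIS" paragraph, "open source SIEM  security information and event management system" reads as if the expansion lost its parentheses, while the abstract writes "SIEM (Security Information and Event Management)"; using the same form in both places would help. The abstract also says "there exists a dozen of software tools", which would read better as "there are a dozen software tools".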
