To log, or not to log: using heuristics to identify mandatory log events – a controlled experiment

Context: User activity logs should capture evidence to help answer who, what, when, where, why, and how a security or privacy breach occurred. However, software engineers often implement logging mechanisms that inadequately record mandatory log events (MLEs), user activities that must be logged to enable forensics.

Goal: The objective of this study is to support security analysts in performing forensic analysis by evaluating the use of a heuristics-driven method for identifying mandatory log events.

Method: We conducted a controlled experiment with 103 computer science students enrolled in a graduate-level software security course. All subjects were first asked to identify MLEs described in a set of requirements statements during the pre-period task. In the post-period task, subjects were randomly assigned statements from one type of software artifact (traditional requirements, use-case-based requirements, or user manual), one readability score (simple or complex), and one method (standards-, resource-, or heuristics-driven). We evaluated subject performance using three metrics: statement classification correctness (values from 0 to 1),

Communicated by: Richard Paige, Jordi Cabot and Neil Ernst

* Jason King (jtking@ncsu.edu), Jon Stallings (jwstalli@ncsu.edu), Maria Riaz (mriaz@ncsu.edu), Laurie Williams (laurie_williams@ncsu.edu)

Department of Computer Science, North Carolina State University, 890 Oval Dr., Raleigh, NC 27695-8206, USA

Empirical Software Engineering, Springer Journals

Publisher: Springer US
Copyright: Copyright © 2016 by Springer Science+Business Media New York
Subject: Computer Science; Software Engineering/Programming and Operating Systems; Programming Languages, Compilers, Interpreters
ISSN: 1382-3256
eISSN: 1573-7616
DOI: 10.1007/s10664-016-9449-1