Visual Audit Browser Toolkit

Description

The Visual Audit Browser (VAB) Toolkit is a set of tools which facilitate the inspection of audit log data, the record of system events made by an operating system, i.e., by Sun's Basic Security Module (BSM). The analysis of this voluminous amount of data produced is not effective when done with audit log presented in a purely textual form. The VAB tools provide an better way of inspecting audit data. The current tools include programs to view BSM audit logs in a graph, in a animated sequence of graphs, in hypertext format, and in a graph showing just a portion of the log.

A paper of the VAB Toolkit has been submitted to the January 1996 Usenix Technical Conference. [Postscript] [Abstract]

Tools

o VAB Frame Generator
o VAB Movie Maker
o VAB Hypertext Generator
o VAB Focusses Audit Browser

Related Links

o J. Hoagland, C. Wee, K.N. Levitt, "Audit Log Analysis Using the Visual Audit Browser Toolkit". U.C. Davis Computer Science Department Technical Report CSE-95-11, 1995. [176kb Postscript] [Abstract]
o The VAB tools are written in Perl.
o Parts of the VAB Toolkit use a filter called DOT, developed at AT&T Research.
o This is part of the Audit Workbench Project, funded by the NSA.

AWB SecLab Home Page Last revised 27-Jul-95 by Jim Hoagland