FLAIM (original) (raw)
FLAIM (Framework for Log Anonymization and Information Management) is a modular tool designed to allow computer and network log sharing through application of complex data sanitization policies. FLAIM is aimed at 3 different user communities. First, FLAIM can be used by the security engineer who is investigating a broad incident spanning multiple organizations. Because of the sensitivity inherent in security relevant logs, many organizations are reluctant to share them. However, this reluctance inhibits the sharing necessary to investigate intrusions that commonly span organizational boundaries. Second, anyone designing log analysis or computer forensics tools needs data with which they can test their tools. The larger and more diverse the data set, the more robust they can make their tool
| Property | Value |
|---|---|
| dbo:abstract | FLAIM (Framework for Log Anonymization and Information Management) is a modular tool designed to allow computer and network log sharing through application of complex data sanitization policies. FLAIM is aimed at 3 different user communities. First, FLAIM can be used by the security engineer who is investigating a broad incident spanning multiple organizations. Because of the sensitivity inherent in security relevant logs, many organizations are reluctant to share them. However, this reluctance inhibits the sharing necessary to investigate intrusions that commonly span organizational boundaries. Second, anyone designing log analysis or computer forensics tools needs data with which they can test their tools. The larger and more diverse the data set, the more robust they can make their tools. For many, this means they must gather many logs from outside sources, not just what they can generate in-house. Again, this requires log sharing. Third, researchers in many computer science disciplines (e.g., network measurements, computer security, etc.) need large and diverse data sets to study. Having data sanitization tools available makes organizations more willing to share with these researchers their own logs. FLAIM is available under the Open Source Initiative approved University of Illinois/NCSA Open Source License. This is BSD-style license. It runs on Unix and Unix-like systems, including Linux, FreeBSD, NetBSD, OpenBSD and Mac OS X. While FLAIM is not the only log anonymizer, it is unique in its flexibility to create complex XML policies and its support for multiple log types. More specifically, it is the only such tool to meet the following 4 goals. (1) FLAIM provides a diverse set of anonymization primitives. (2) FLAIM supports multiple log type, including linux process accounting logs, netfilter alerts, tcpdump traces and NFDUMP NetFlows. (3) With a flexible anonymization policy language, complex policies that make trade-offs between information loss and security can be made. (4) FLAIM is modular and easily extensible to new types of logs and data. The anonymization engine is agnostic to the syntax of the actual log. (en) |
| dbo:developer | dbr:LAIM_Working_Group |
| dbo:genre | dbr:Privacy dbr:Computer_security |
| dbo:latestReleaseDate | 2008-02-29 (xsd:date) |
| dbo:latestReleaseVersion | 0.7.0 |
| dbo:license | dbr:BSD_license |
| dbo:thumbnail | wiki-commons:Special:FilePath/FlaimLogo1.jpg?width=300 |
| dbo:wikiPageExternalLink | http://flaim.ncsa.uiuc.edu/ http://www.cert.org/flocon/2005/presentations/luo.pdf https://web.archive.org/web/20070226094723/http:/laim.ncsa.uiuc.edu/downloads/slagell06.pdf https://web.archive.org/web/20070326153711/http:/crawdad.cs.dartmouth.edu/meta.php%3Fname=tools%2Fsanitize%2Fgeneric%2FFLAIM https://web.archive.org/web/20070818215507/http:/laim.ncsa.uiuc.edu/ https://web.archive.org/web/20070827184956/http:/flaim.ncsa.uiuc.edu/ |
| dbo:wikiPageID | 11056603 (xsd:integer) |
| dbo:wikiPageLength | 8309 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID | 1062643130 (xsd:integer) |
| dbo:wikiPageWikiLink | dbr:BSD_license dbr:Privacy dbr:National_Center_for_Supercomputing_Applications dbc:Anonymity dbc:Internet_privacy_software dbr:Pcap dbr:Unix dbr:Unix-like dbr:LAIM_Working_Group dbc:Software_using_the_BSD_license dbr:Computer_security dbr:Network_traffic_measurement dbr:NetFlow dbr:FreeBSD dbr:Linux dbr:Mac_OS_X dbr:Computer_forensics dbr:Computer_science dbr:C++ dbr:UNIX-like dbr:File:FlaimLogo1.jpg dbr:Tcpdump dbc:Free_security_software dbr:National_Science_Foundation dbr:NetBSD dbr:Netfilter dbr:Office_of_Naval_Research dbr:OpenBSD dbr:Open_Source_Initiative dbr:XML dbr:UNIX dbr:Operating_Systems |
| dbp:developer | The LAIM Working Group - NCSA (en) |
| dbp:genre | dbr:Privacy dbr:Computer_security |
| dbp:latestReleaseDate | 2008-02-29 (xsd:date) |
| dbp:latestReleaseVersion | 0.700000 (xsd:double) |
| dbp:license | dbr:BSD_license |
| dbp:logo | 200 (xsd:integer) |
| dbp:name | FLAIM (en) |
| dbp:operatingSystem | dbr:FreeBSD dbr:Linux dbr:Mac_OS_X dbr:NetBSD dbr:OpenBSD |
| dbp:website | http://flaim.ncsa.uiuc.edu/ |
| dbp:wikiPageUsesTemplate | dbt:Infobox_software dbt:Portal dbt:Short_description |
| dbp:wordnet_type | http://www.w3.org/2006/03/wn/wn20/instances/synset-software-noun-1 |
| dcterms:subject | dbc:Anonymity dbc:Internet_privacy_software dbc:Software_using_the_BSD_license dbc:Free_security_software |
| gold:hypernym | dbr:Tool |
| rdf:type | owl:Thing dbo:Software schema:CreativeWork dbo:Work wikidata:Q386724 wikidata:Q7397 yago:Abstraction100002137 yago:Code106355894 yago:CodingSystem106353757 yago:Communication100033020 yago:Writing106359877 yago:WrittenCommunication106349220 yago:Software106566077 |
| rdfs:comment | FLAIM (Framework for Log Anonymization and Information Management) is a modular tool designed to allow computer and network log sharing through application of complex data sanitization policies. FLAIM is aimed at 3 different user communities. First, FLAIM can be used by the security engineer who is investigating a broad incident spanning multiple organizations. Because of the sensitivity inherent in security relevant logs, many organizations are reluctant to share them. However, this reluctance inhibits the sharing necessary to investigate intrusions that commonly span organizational boundaries. Second, anyone designing log analysis or computer forensics tools needs data with which they can test their tools. The larger and more diverse the data set, the more robust they can make their tool (en) |
| rdfs:label | FLAIM (en) |
| owl:sameAs | freebase:FLAIM wikidata:FLAIM https://global.dbpedia.org/id/4jZ8C |
| prov:wasDerivedFrom | wikipedia-en:FLAIM?oldid=1062643130&ns=0 |
| foaf:depiction | wiki-commons:Special:FilePath/FlaimLogo1.jpg |
| foaf:homepage | http://flaim.ncsa.uiuc.edu/ |
| foaf:isPrimaryTopicOf | wikipedia-en:FLAIM |
| foaf:name | FLAIM (en) |
| is dbo:wikiPageWikiLink of | dbr:Anonymous_P2P dbr:LAIM_Working_Group dbr:Pseudonymization |
| is foaf:primaryTopic of | wikipedia-en:FLAIM |
