My final year project idea revolves around the Mac OS X system log files. I want to create a tool that will make it easy for an investigator to filter the information and find only those entries of significance to them, whether it be login and active user times, application installations, privilege escalation or whatever else. However, my project tutor is not happy with my proposal, and his main concern, which I have not been able to resolve as yet, is how little existing published literature there is relating to this topic.
I have the Kubasiak Mac OS X forensics book, the developer information from Apple and a number of web-based guides relating to understanding the system log files. What I have not been able to find is journal articles with any prior work even marginally related to my area of interest. It may be that there are none, or it may be that I haven't gotten the hang of finding the right journals.
If necessary I will rework my proposal as a research instead of a development project, but if anyone here can point me at useful journal articles, I would be most grateful.
Have you considered splitting your research into 2 strands? You might have better luck finding papers on, say, log file analysis and Apple OS forensics... and of course anything on Unix or BSD log files will be relevant.
HTH, good luck. Sounds like it could be a neat project.