Skip to Main Content
This paper presents a novel approach to automated audits based on the pruning of log data represented as trees. Events, recorded as a sequential list of entries, are interpreted as nodes of a tree. The audit consists in removing the nodes that are compliant with the policy, so that the remaining tree consists only of the violations of the policy. Besides presenting the method, this paper demonstrates that the resultant method is more efficient than usual audit approaches by analyzing its theoretical complexity and the runtime figures obtained by a proof of concept.