DOI: 10.1109/ICCNT.2010.47
Article

A Kernel Level VFS Logger for Building Efficient File System Intrusion Detection System

Published: 23 April 2010

Abstract

For any file, the modification, access and creation date and time stamp (MAC DTS) is a major parameter which, if preserved properly, can be used to gain crucial evidence about activities on the file. Activities on a file system are generally protected by an access control mechanism specific to the operating system, discretionary and mandatory access control mechanisms being the most common ones. Generally, access control mechanisms deal with an allow-or-deny based rule (for access to a file), which even extends to role-based access control in some cases. This directly implies that the access protection mechanism is generally tightly coupled with almost all operating systems. Still, intrusion is a common phenomenon. This paper analyzes and measures the performance of our previously defined approach for an efficient file system intrusion detection system. This paper also establishes how this approach can be complementary to the existing access control mechanism for Linux kernel 2.6.x.

Cited By

  • (2013) POSTER: Dr. Watson provides data for post-breach analysis. Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pp. 1445-1448. DOI: 10.1145/2508859.2512522. Online publication date: 4-Nov-2013
  • (2012) Wrappers for web access logs feature selection. Proceedings of the 2nd International Conference on Web Intelligence, Mining and Semantics, pp. 1-7. DOI: 10.1145/2254129.2254156. Online publication date: 13-Jun-2012

Published In

ICCNT '10: Proceedings of the 2010 Second International Conference on Computer and Network Technology
April 2010
587 pages
ISBN: 9780769540429

Publisher

IEEE Computer Society

United States

Author Tags

  1. Modification, Access and Creation Date and Time stamp (MAC DTS)
  2. Host Based Intrusion Detection System (HIDS)
  3. Loadable Kernel Module (LKM)
  4. System calls
  5. Virtual File System (VFS)
