Modern approaches to file system integrity checking

Author

Kaczmarek, Jerzy ; Wrobel, Micha

Author_Institution

Telecommun. & Inf., Gdansk Univ. of Technol., Gdansk

fYear

2008

fDate

18-21 May 2008

Firstpage

1

Lastpage

4

Abstract

One of the means to detect intruderpsilas activity is to trace all unauthorized changes in a file system. Programs which fulfill this functionality are called file integrity checkers. This paper concerns modern approach to file system integrity checking. It reviews architecture of popular systems that are widely used in production environment as well as scientific projects, which not only detect intruders but also take actions to stop their activity. The concept and architecture of ICAR system (integrity checking and restoring system), which we are developing, will be presented. The ICAR System not only covers functionality of integrity checkers but also automatically restores files, which were modified by the intruder. ICAR has been designed as kernel module of the operating system and it uses read-only devices to store data. The article can prove useful to the operating systems users, that are interested in securing their data and system configuration.

Keywords

data integrity; records management; security of data; storage management; data storage; file system integrity checking; integrity checking and restoring system; intruder activity detection; production environment; scientific projects; system configuration; Computerized monitoring; Cryptography; File systems; Fingerprint recognition; Informatics; Information technology; Kernel; Operating systems; Production systems; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology, 2008. IT 2008. 1st International Conference on

Conference_Location

Gdansk

Print_ISBN

978-1-4244-2244-9

Electronic_ISBN

978-1-4244-2245-6

Type

conf

DOI

10.1109/INFTECH.2008.4621669

Filename

4621669