DocumentCode :
175429
Title :
AccountabilityFS: A File System Monitor for Forensic Readiness
Author :
Nordvik, Rune ; Yi-Ching Liao ; Langweg, Hanno
Author_Institution :
Norwegian Inf. Security Lab., Gjovik Univ. Coll., Gjovik, Norway
fYear :
2014
fDate :
24-26 Sept. 2014
Firstpage :
308
Lastpage :
311
Abstract :
We present a file system monitor, AccountabilityFS, which prepares an organization for forensic analysis and incident investigation in advance by ensuring file system operation traces readily available. We demonstrate the feasibility of AccountabilityFS in terms of performance and storage overheads, and prove its reliability against malware attacks.
Keywords :
digital forensics; invasive software; AccountabilityFS file system monitor; file system operation; forensic analysis; forensic readiness; malware attacks; performance overhead; storage overhead; Educational institutions; Forensics; Kernel; Malware; Monitoring; Reliability;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint
Conference_Location :
The Hague
Print_ISBN :
978-1-4799-6363-8
Type :
conf
DOI :
10.1109/JISIC.2014.61
Filename :
6975599
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=175429
بازگشت