Abstract :
Since storage systems can see changes to persistent data on them, some types of intrusions can be detected by storage systems. Storage-based intrusion detection system (SIDS) has become a valuable tool in monitoring for the intrusion. However, the traditional storage device works on the block-level while intrusion always happens on the file-level, this gap has to be erased by detection software, which is a hard and time-consuming task. To solve this problem and to accord with the trend of storage technology, this paper presents a novel idea to design object-based intrusion detection architecture. In this paper, we study how intrusion can be detected at object level in the OBSS (object-based storage system) environment, and discuss how features of the OBSS can be used in intrusion detection. Through analysis, we find that the impact of intrusion detection on the OBSS is negligible. The advantage of this approach is simple. It does not require many changes to the storage system or the intrusion detection software.
Keywords :
security of data; storage management; detection software; object-based intrusion detection architecture design; object-based storage system; Computer architecture; Computer networks; Data security; Intrusion detection; Monitoring; Network servers; Scalability; Storage area networks; Telecommunication traffic; Watches; Intrusion detection; object-based; object-based storage device; storage system;
