Title :
Modern approaches to file system integrity checking
Author :
Kaczmarek, Jerzy ; Wrobel, Micha
Author_Institution :
Telecommun. & Inf., Gdansk Univ. of Technol., Gdansk
Abstract :
One of the means to detect an intruder's activity is to trace all unauthorized changes in a file system. Programs which fulfill this functionality are called file integrity checkers. This paper concerns a modern approach to file system integrity checking. It reviews the architecture of popular systems that are widely used in production environments as well as scientific projects, which not only detect intruders but also take actions to stop their activity. The concept and architecture of the ICAR system (integrity checking and restoring system), which we are developing, will be presented. The ICAR system not only covers the functionality of integrity checkers but also automatically restores files which were modified by the intruder. ICAR has been designed as a kernel module of the operating system and it uses read-only devices to store data. The article can prove useful to operating system users who are interested in securing their data and system configuration.
Keywords :
data integrity; records management; security of data; storage management; data storage; file system integrity checking; integrity checking and restoring system; intruder activity detection; production environment; scientific projects; system configuration; Computerized monitoring; Cryptography; File systems; Fingerprint recognition; Informatics; Information technology; Kernel; Operating systems; Production systems; Protection;
Conference_Titel :
Information Technology, 2008. IT 2008. 1st International Conference on
Conference_Location :
Gdansk
Print_ISBN :
978-1-4244-2244-9
Electronic_ISBN :
978-1-4244-2245-6
DOI :
10.1109/INFTECH.2008.4621669