IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Scale and performance in a distributed file system
ACM Transactions on Computer Systems (TOCS)
The design and implementation of tripwire: a file system integrity checker
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Firewalls and Internet security: repelling the wily hacker
Firewalls and Internet security: repelling the wily hacker
Managing update conflicts in Bayou, a weakly connected replicated storage system
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
A cost-effective, high-bandwidth storage architecture
Proceedings of the eighth international conference on Architectural support for programming languages and operating systems
Information warfare and security
Information warfare and security
Secure audit logs to support computer forensics
ACM Transactions on Information and System Security (TISSEC)
Analysis and implementation of software rejuvenation in cluster systems
Proceedings of the 2001 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Hacking Exposed Windows 2000: Network Security Secrets and Solutions
Hacking Exposed Windows 2000: Network Security Secrets and Solutions
Intrusion Confinement by Isolation in Information Systems
Proceedings of the IFIP WG 11.3 Thirteenth International Conference on Database Security: Research Advances in Database and Information Systems Security
Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor
Proceedings of the General Track: 2002 USENIX Annual Technical Conference
Better Security via Smarter Devices
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
When Virtual Is Better Than Real
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Security for a high performance commodity storage subsystem
Security for a high performance commodity storage subsystem
Timing-accurate storage emulation: evaluating hypothetical storage components in real computer systems
Storage-Based Intrusion Detection for Storage Area Networks (SANs)
MSST '05 Proceedings of the 22nd IEEE / 13th NASA Goddard Conference on Mass Storage Systems and Technologies
Semantically-Smart Disk Systems
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Secure coprocessor-based intrusion detection
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Research on Object-Storage-Based Intrusion Detection
ICPADS '06 Proceedings of the 12th International Conference on Parallel and Distributed Systems - Volume 1
Self-securing storage: protecting data in compromised system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Proactive recovery in a Byzantine-fault-tolerant system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Storage-based intrusion detection: watching storage activity for suspicious behavior
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Flexible and safe resolution of file conflicts
TCON'95 Proceedings of the USENIX 1995 Technical Conference Proceedings
Bro: a system for detecting network intruders in real-time
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Proceedings of the 15th ACM conference on Computer and communications security
Disk-level behavioral malware detection
Disk-level behavioral malware detection
Architectural support for secure virtualization under a vulnerable hypervisor
Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture
| Hi-index | 0.00 |
Storage-based intrusion detection consists of storage systems watching for and identifying data access patterns characteristic of system intrusions. Storage systems can spot several common intruder actions, such as adding backdoors, inserting Trojan horses, and tampering with audit logs. For example, examination of 18 real intrusion tools reveals that most (15) can be detected based on their changes to stored files. Further, an Intrusion Detection System (IDS) embedded in a storage device continues to operate even after client operating systems are compromised. We describe and evaluate a prototype storage IDS, built into a disk emulator, to demonstrate both feasibility and efficiency of storage-based intrusion detection. In particular, both the performance overhead (