On incremental file system development
ACM Transactions on Storage (TOS)
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
Performance and extension of user space file systems
Proceedings of the 2010 ACM Symposium on Applied Computing
A Kernel Level VFS Logger for Building Efficient File System Intrusion Detection System
ICCNT '10 Proceedings of the 2010 Second International Conference on Computer and Network Technology
An efficient technique for enhancing forensic capabilities of Ext2 file system
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Hi-index | 0.00 |
Nowadays security systems have become highly sophisticated. However, breaches are inevitable. Nevertheless, post-breach analysis is performed to assess the severity of the breach and to trace the intruder's actions. This paper proposes drWatson, a layered file system that in case of an illegitimate file system access provides data for post-breach analysis to assess the severity of the breach and to trace the intruder's actions. drWatson, when mounted on top of any concrete file system, works by logging all the operations along with their date time stamps targeted to the below mounted file system.