Abstract
One of the means to detect intruder's activity is totrace all unauthorized changes in a file system.Programs which fulfill this functionality are called fileintegrity checkers. This paper concerns modernapproach to file system integrity checking. It reviewsarchitecture of popular systems that are widely used inproduction environment as well as scientific projects,which not only detect intruders but also take actions tostop their activity. The concept and architecture ofICAR System (Integrity Checking And RestoringSystem), which we are developing, will be presented.The ICAR System not only covers functionality ofintegrity checkers but also automatically restores files,which were modified by the intruder. ICAR has beendesigned as kernel module of the operating system andit uses read-only devices to store data. The article canprove useful to the operating systems users, that areinterested in securing their data and systemconfiguration.
Citations
-
5
CrossRef
-
0
Web of Science
-
9
Scopus
Authors (2)
Cite as
Full text
full text is not available in portal
Keywords
Details
- Category:
- Conference activity
- Type:
- publikacja w wydawnictwie zbiorowym recenzowanym (także w materiałach konferencyjnych)
- Title of issue:
- Proceeedings of the 1st International Conference on Information Technology Gdańsk, 19-21 May 2008 strony 403 - 406
- Language:
- English
- Publication year:
- 2008
- Bibliographic description:
- Wróbel M., Kaczmarek J.: Modern approaches to file system integrity checking// Proceeedings of the 1st International Conference on Information Technology Gdańsk, 19-21 May 2008/ ed. eds: A. Stepnowski, M. Moszynski, T. Kochanski, J. Dabrowski. Gdańsk: Gdańsk Univ. Technol., 2008, s.403-406
- DOI:
- Digital Object Identifier (open in new tab) 10.1109/inftech.2008.4621669
- Verified by:
- Gdańsk University of Technology
seen 104 times