John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A. N. Soules, and Gregory R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical Report CMU--CS-- 02--140. Carnegie Mellon University, 2002.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....overhead in the absence of conflicts [11] r 2 : Replica New replica contents. IsLive(DISK(pfid) r 2 .bptr . Listing 1: Example of algorithm description ment at least once remote procedure calls (RPCs) for directory operation. DiFFS does not support replication. S4 [13] is a file system with a security auditing capability. It keeps a backpointer like data structure to reconstruct a file s full path name from its inode number and chooses a security policy based on the path name. S4 s backpointers are used only for auditing and not for replication. 1.5 Notational ....

John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A.N. Soules, and Gregory R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical

No context found.

John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A. N. Soules, and Gregory R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical Report CMU--CS-- 02--140. Carnegie Mellon University, 2002.

No context found.

John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A. N. Soules, and Gregory R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical Report CMU--CS-- 02--140. Carnegie Mellon University, 2002.

....checkpointing is shown to mitigate and bound this effect. 1 Introduction Self securing storage [41] is a new use for versioning in which storage servers internally retain file versions to provide detailed information for post intrusion diagnosis and recovery of compromised client systems [40]. We envision self securing storage servers that retain every version of every file, where every modification (e.g. a WRITE operation or an attribute change) creates a new version. Such comprehensive versioning maximizes the information available for post intrusion diagnosis. Specifically, it ....

....is caused in order to hide their tracks. With a complete history, administrators can determine which files were changed and estimate damage. Further, they can answer (or at least construct informed hypotheses for) questions such as When and how did the intruder get in and What was their goal [40]. 2.2 Pruning Heuristics A true comprehensive versioning system keeps all versions of all files for all time. Such a system could support all three goals described above. Unfortunately, storing this much information is not practical. As a result, all versioning systems use pruning heuristics. ....

J. D. Strunk, G. R. Goodson, A. G. Pennington, C. A. N. Soules, and G. R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical report CMU--CS--02--140. Carnegie Mellon University, 2002.

....Such a client can delete data or modify it arbitrarily. The best a storage system can do is provide mechanisms that facilitate the detection of incorrect clients and the recovery from Byzantine client actions. Storage based intrusion detection could assist in the detection of malicious clients [46, 56]. As well, since the consistency protocol makes use of fine grained versioning storage nodes (i.e. self securing storage [57] recovery and diagnosis from detected storage intrusions is possible. Maliciously deleted data can be recovered, and arbitrarily modified data can be rolled back to its ....

John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A. N. Soules, and Gregory R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical report CMU--CS--02--140. Carnegie Mellon University, 2002.

.... metadata, multiversion btree, comprehensive versioning 1 Introduction Self securing storage [41] is a new use for versioning in which storage servers internally retain file versions to provide detailed information for post intrusion diagnosis and recovery of compromised client systems [40]. We envision self securing storage servers that retain every version of every file, where every modification (e.g. a WRITE operation or an attribute change) creates a new version. Such comprehensive versioning maximizes the information available for post intrusion diagnosis. Specifically, it ....

....done in order to hide their tracks. With a complete history, administrators can determine which files were changed and estimate damage. Further, they can answer (or at least construct informed hypotheses for) questions such as When and how did the 3 intruder get in and What was their goal [40]. 2.2 Pruning Heuristics A comprehensive versioning system keeps all versions of all files for all time. Such a system could support all three goals described above. Unfortunately, storing this much data is not possible. As a result, all conventional versioning systems use pruning heuristics. ....

John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A. N. Soules, and Gregory R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical report CMU--CS--02--140. Carnegie Mellon University, 2002.

No context found.

John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A.N. Soules, Gregory R. Ganger. Intrusion Detection, Diagnosis, and Recovery with Self-Securing Storage. CMU SCS Technical Report CMU-CS-02-140, May 2002.

No context found.

J. D. Strunk, G. R. Goodson, A. G. Pennington, C. A. Soules, and G. R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical report, Carnegie Mellon University, 2002.

No context found.

J. D. Strunk, G. R. Goodson, A. G. Pennington, C. A. Soules, and G. R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical report, Carnegie Mellon University, 2002.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC