
On the Feasibility of Intrusion Detection inside Workstation Disks (2003)
John Linwood Griffin, Adam Pennington, John S. Bucy, Deepa Choundappan, Nithya Muralidharan, Gregory R. Ganger



View or download:
cmu.edu/PDLFTP/Sec...CMUPDL03106.ps

From: cmu.edu/Publications/index

Abstract: Storage-based intrusion detection systems (IDSes) can be valuable tools in monitoring for and notifying administrators of malicious software executing on a host computer, including many common intrusion toolkits. This paper makes a case for implementing IDS functionality in the firmware of workstations' locally attached disks, on which the bulk of important system files typically reside. To evaluate the feasibility of this approach, we built a prototype disk-based IDS into a SCSI disk emulator. ...

Active bibliography (related documents):
1.1:   Storage-based Intrusion Detection: Watching.. - Pennington.. (2003)
1.0:   Self-Securing Network Interfaces: What, Why and How - Ganger, Economou, Bielski (2002)
0.5:   Collapsar: A VM-Based Architecture for Network Attack.. - Xuxian Jiang Dongyan (2004)

Similar documents based on text:
0.3:   Designing Computer Systems with MEMS-based Storage - Schlosser, Griffin, Nagle.. (2000)
0.3:   Timing-accurate Storage Emulation - John Linwood Griffin (2002)
0.3:   Operating System Management of MEMS-based Storage Devices - Griffin, Schlosser.. (2000)

BibTeX entry:

@misc{ griffin-feasibility,
  author = "John Linwood Griffin and Adam Pennington and John S. Bucy and Deepa Choundappan
    and Nithya Muralidharan and Gregory R. Ganger",
  title = "On the Feasibility of Intrusion Detection inside Workstation Disks",
  url = "citeseer.ist.psu.edu/griffin03feasibility.html" }

Citations (may not include all citations):
75   Active storage for large-scale data mining and multimedia ap.. - Riedel, Gibson et al. - 1998
59   Execution monitoring of security-critical programs in distrib.. - Ko, Ruschitzka et al. - 1997
57   Self-securing storage: protecting data in compromised system.. - Strunk, Goodson et al. - 2000
54   Architectural Support for Copy and Tamper Resistant Software - Lie, Thekkath et al. - 2000
50   The design and implementation of Tripwire: a file system int.. - Kim, Spafford - 1994
43   A case for intelligent disks - Keeton, Patterson et al. - 1998
37   Virtual log based file systems for a programmable disk - Wang, Patterson et al. - 1999
30   Experiences with Tripwire: using integrity checkers for intr.. - Kim, Spafford - 1994
29   Journaling versus Soft Updates: Asynchronous Meta-data Prote.. - Seltzer, Ganger et al. - 2000
26   Information warfare and security - Denning - 1999
21   Research in intrusion-detection systems: a survey - Axelsson - 1998
19   Design and implementation of the Second Extended Filesystem - Card, Ts'o et al. - 1994
18   Scale and performance in a distributed file system - Howard, Kazar et al. - 1988
18   Semantically smart disk systems - Sivathanu, Prabhakaran et al. - 2003
15   A virtual machine introspection based architecture for intru.. - Garfinkel, Rosenblum - 2003
14   Storage-based intrusion detection: watching storage activity.. - Pennington, Strunk et al. - 2003
13   PostMark: a new file system benchmark - Katcher - 1997
12   Security for a high performance commodity storage subsystem - Gobioff - 1999
12   When virtual is better than real - Chen, Noble - 2001
7   Block-level security for network-attached disks - Aguilera, Ji et al. - 2003
6   IEEE Symposium on Security and Privacy - Forrest, Hofmeyr et al. - 1996
5   Hacking exposed: network security secrets & solutions - Scambray, McClure et al. - 2001
5   Mime: high performance parallel storage device with strong r.. - Chao, English et al. - 1992
4   Technical Brief - Com, Architecture - 2001
4   Embedded Firewall Software - Guide - 2001
2   Honeytokens: The Other Honeypot - Spitzner - 2003
2   Secure Coprocessor-based Intrusion Detection - Zhang, van Doorn et al. - 2002
2   Better security via smarter devices - Ganger, Nagle - 2001
1   IEEE Computer Society Press - Arbaugh, Farber et al. - 1997
1   IEEE Computer Society Press - Denning, Lunt et al. - 1987
1   Defeating forensic analysis on Unix - Grugg - 2002

Documents on the same site (http://www.pdl.cmu.edu/Publications/index.html):
Blurring the Line Between OSes and Storage Devices - Ganger (2001)
Compiler-Based I/O Prefetching for Out-of-Core Applications - Brown, Mowry, Krieger (2001)
My cache or yours? Making storage more exclusive - Wong, Wilkes (2002)
