See this document in CiteSeerX!

Intrusion Detection, Diagnosis, and Recovery with Self-Securing Storage (2002)  (Make Corrections)  
John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A. N. Soules, Gregory R. Ganger



  Home/Search   Context   Related

 
View or download:
cmu.edu/PDLFTP/Secu...CMUCS02140.ps
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  cmu.edu/~ganger/papers/index (more)
Homepages:  A.Pennington  

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: Self-securing storage turns storage devices into active parts of an intrusion survival strategy. From behind a thin storage interface (e.g., SCSI or CIFS), a self-securing storage sen,er can watch storage requests, keep a record of all storage activity, and prevent compromised clients from destroying stored data. This paper describes three ways selfsecuring storage enhances an administrator's ability to detect, diagnose, and recover from client system intrusions. First, storage-based intrusion... (Update)

Active bibliography (related documents):   More   All
1.2:   Storage-based Intrusion Detection: Watching.. - Pennington.. (2003)   (Correct)
0.5:   The Implementation of the File Service Module for the Distributed.. - Tatah (2001)   (Correct)
0.3:   Dataflow Anomaly Detection - Bhatkar, Chaturvedi, Sekar   (Correct)

Similar documents based on text:   More   All
1.7:   Self-Securing Storage: Protecting Data in Compromised.. - Strunk, Goodson.. (2000)   (Correct)
1.3:   Decentralized Storage Consistency via Versioning Servers - Goodson, Wylie, Ganger.. (2002)   (Correct)
1.0:   Finding and Containing Enemies Within the Walls With.. - Ganger, Economou.. (2003)   (Correct)

BibTeX entry:   (Update)

@misc{ strunk02intrusion,
  author = "John D. Strunk and Garth R. Goodson and Adam G. Pennington and Craig A.
    N. Soules and Gregory R. Ganger",
  title = "Intrusion Detection, Diagnosis, and Recovery with Self-Securing Storage",
  url = "citeseer.ist.psu.edu/strunk02intrusion.html" }
Citations (may not include all citations):
141   a weakly connected replicated storage system (context) - Terry, Theliner et al. - 1995
132   EMERALD: event monitoring enabling responses to anomalous li.. - Porras, Neumann - 1997
105   NFS: network file system protocol specification (context) - Microsystems - 1989
69   Proactive recovery in a Byzantine-fault-tolerant system - Castro, Liskov - 2000  DBLP
59   Execution monitoring of security-critical programs in distri.. (context) - Ko, Ruschitzka et al. - 1997
57   Self-securing storage: protecting data in compromised system.. - Strunk, Goodson et al. - 2000  DBLP
52   Checking for race conditions in file accesses - Bishop, Dilger - 1996  DBLP
50   The design and implementation of Tripwire: a file system int.. - Kim, Spafiord - 1994  DBLP
46   File system usage in Windows NT - Vogels - 1999
27   Cryptographic support for secure logs on untrusted machines (context) - Schneier, Kelsey - 1998
27   A large-scale study of file-system contents (context) - Douceur, Bolosky - 1999  ACM   DBLP
21   A prototype real-time intrusion-detection expert system (context) - Lunt, Jagannathan - 1988
11   Secure audit logs to support computer forensics (context) - Schneier, Kelsey - 1999  ACM   DBLP
10   Elephant: the file system that never forgets - Santry, Feeley et al. - 1992  DBLP
6   Differential compression: a generalized solution for binary .. - Burns - 1996
6   IEEE Symposium on Security and Privacy (context) - Forrest, Hofmeyr et al. - 1996
6   Metadata efficiency in a comprehensive versioning file syste.. - Soules, Goodson et al. - 2002
5   Symposium on Operating Systems Design andImplementation (context) - Hutchinson, Manley et al. - 1999
3   GNU fileutils recursive directory removal race condition (context) - Purczynski - 2002
3   Forensic computer analysis: an introduction (context) - Farmer, Venema - 2000
3   Computer forensics: incident response essentials (context) - Jay, Heiser - 2002
2   File recovery techniques (context) - Venema - 2000
2   What are MACtimes (context) - Farmer - 2000
1   Strangers in the night (context) - Venema - 2000
1   Rewriting histories: recovering from undesirable committed t.. (context) - Atomann, Jajodia et al. - 2000
1   Intrusion confinement by isolation in information systems (context) - SushilJajodia, McCollum - 1999
1   Exploiting weak connectivity in a distributed file system (context) - Muminert - 1996  ACM
1   Virtual log based file systems for a progrmnmable disk (context) - Wang, Patterson et al. - 1999
1   Research in intrusion-detection systems (context) - Axelsson - 1998
1   ACM Transactions on Computer Systems (context) - file - 1996
1   lntrusion Signatures and Analysis (context) - Mark, MattFeamow et al. - 2001
1   Bring out your dead: the ins and outs of data recovery (context) - Farmer - 2001
http://www.nfr

Documents on the same site (http://www.ece.cmu.edu/~ganger/papers/index.html):   More
On-Line Extraction of SCSI Disk Drive Parameters - Worthington, Ganger, Patt.. (1995)   (Correct)
Disk Subsystem Load Balancing: Disk Striping vs.. - Ganger, Worthington, .. (1993)   (Correct)
Scheduling Algorithms for Modern Disk Drives - Worthington, Ganger, Patt (1994)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC