A prototype for filesystem integrity checker in user-space mood
Today, improving the security of computer systems has become a vital and challenging problem. Attackers can seriously damage the integrity of filesystems. Attack detection is complex and time-consuming for system administrators, and it is becoming more so. One of the means to detect intruder's...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2009
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/11254/6/AlQahtaniSaeedIbrahimMFSKSM2009.pdf http://eprints.utm.my/id/eprint/11254/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.utm.11254 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.112542017-09-20T08:58:53Z http://eprints.utm.my/id/eprint/11254/ A prototype for filesystem integrity checker in user-space mood Alqahtani, Saeed Ibrahim S. QA75 Electronic computers. Computer science Today, improving the security of computer systems has become a vital and challenging problem. Attackers can seriously damage the integrity of filesystems. Attack detection is complex and time-consuming for system administrators, and it is becoming more so. One of the means to detect intruder's activity is to trace all unauthorized changes in a filesystem. Current user-space mood checkers, due to being slow detectors, suffer from the opportunity gap that occurs between filesystem checks. Basing on the principle of thinking like an attacker, this prototype is developed to minimize the total time taken for checking by focusing on critical files. The proposed technique will accelerate the checking process through acquiring specific file extensions from the filesystem rather than targeting the entire filesystem. Discrepancies in the filesystem are reported after comparing current files hashing values with original hashing values. This prototype is configured to use variety of hashing algorithms to measure the performance on different scales and to provide various choices for users. Research results on Windows Server 2003 show that the average total time taken for this prototype is in the range of three to four minutes. The elapsed time of filesystem checking by Windows System File Check tool “SFC” has been decreased to eighty five percent on this prototype. 2009-10 Thesis NonPeerReviewed application/pdf en http://eprints.utm.my/id/eprint/11254/6/AlQahtaniSaeedIbrahimMFSKSM2009.pdf Alqahtani, Saeed Ibrahim S. (2009) A prototype for filesystem integrity checker in user-space mood. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information Systems. |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| language |
English |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Alqahtani, Saeed Ibrahim S. A prototype for filesystem integrity checker in user-space mood |
| description |
Today, improving the security of computer systems has become a vital and challenging problem. Attackers can seriously damage the integrity of filesystems. Attack detection is complex and time-consuming for system administrators, and it is becoming more so. One of the means to detect intruder's activity is to trace all unauthorized changes in a filesystem. Current user-space mood checkers, due to being slow detectors, suffer from the opportunity gap that occurs between filesystem checks. Basing on the principle of thinking like an attacker, this prototype is developed to minimize the total time taken for checking by focusing on critical files. The proposed technique will accelerate the checking process through acquiring specific file extensions from the filesystem rather than targeting the entire filesystem. Discrepancies in the filesystem are reported after comparing current files hashing values with original hashing values. This prototype is configured to use variety of hashing algorithms to measure the performance on different scales and to provide various choices for users. Research results on Windows Server 2003 show that the average total time taken for this prototype is in the range of three to four minutes. The elapsed time of filesystem checking by Windows System File Check tool “SFC” has been decreased to eighty five percent on this prototype. |
| format |
Thesis |
| author |
Alqahtani, Saeed Ibrahim S. |
| author_facet |
Alqahtani, Saeed Ibrahim S. |
| author_sort |
Alqahtani, Saeed Ibrahim S. |
| title |
A prototype for filesystem integrity checker in user-space mood |
| title_short |
A prototype for filesystem integrity checker in user-space mood |
| title_full |
A prototype for filesystem integrity checker in user-space mood |
| title_fullStr |
A prototype for filesystem integrity checker in user-space mood |
| title_full_unstemmed |
A prototype for filesystem integrity checker in user-space mood |
| title_sort |
prototype for filesystem integrity checker in user-space mood |
| publishDate |
2009 |
| url |
http://eprints.utm.my/id/eprint/11254/6/AlQahtaniSaeedIbrahimMFSKSM2009.pdf http://eprints.utm.my/id/eprint/11254/ |
| _version_ |
1643645629474275328 |
| score |
13.211869 |