Using Independent Auditors as Intrusion Detection Systems

View Related Documents

Book Chapter
RKRD: Runtime Kernel Rootkit Detection
Satyajit Grover, Hormuzd Khosravi, Divya Kolar, Samuel Moffat and Michael E. Kounavis
Communications in Computer and Information Science, 1, Volume 48, e-Business and Telecommunications, Part 3, Pages 224-236
- Download PDF (194.5 KB)
Book Chapter
Detecting Malicious Software by Monitoring Anomalous Windows Registry Accesses
Frank Apap, Andrew Honig, Shlomo Hershkop, Eleazar Eskin and Sal Stolfo
Lecture Notes in Computer Science, 2002, Volume 2516, Recent Advances in Intrusion Detection, Pages 36-53
- Download PDF (247.3 KB)
Book Chapter
The Orchids Intrusion Detection Tool
Julien Olivain and Jean Goubault-Larrecq
Lecture Notes in Computer Science, 2005, Volume 3576, Computer Aided Verification, Pages 225-231
- Download PDF (144.6 KB)
Book Chapter
Learning to Detect Malicious Executables
Jeremy Kolter and Marcus Maloof
Advanced Information and Knowledge Processing, 2006, Machine Learning and Data Mining for Computer Security, Part II, Pages 47-63
- Download PDF (158.2 KB)
Book Chapter
Hello rootKitty: A Lightweight Invariance-Enforcing Framework
Francesco Gadaleta, Nick Nikiforakis, Yves Younan and Wouter Joosen
Lecture Notes in Computer Science, 2011, Volume 7001, Information Security, Pages 213-228
- Download PDF (238.2 KB)
Journal Article
Protecting File Systems with Transient Authentication
Mark D. Corner and Brian D. Noble
Wireless Networks, 2005, Volume 11, Numbers 1-2, Pages 7-19
- Download PDF (412.7 KB)
Book Chapter
Polymorphic Worm Detection Using Structural Information of Executables
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson and Giovanni Vigna
Lecture Notes in Computer Science, 2006, Volume 3858, Recent Advances in Intrusion Detection, Pages 207-226
- Download PDF (516.8 KB)
Book Chapter
Anomaly Detection in Computer Security and an Application to File System Accesses
Salvatore J. Stolfo, Shlomo Hershkop, Linh H. Bui, Ryan Ferster and Ke Wang
Lecture Notes in Computer Science, 2005, Volume 3488, Foundations of Intelligent Systems, Pages 3-12
- Download PDF (146.5 KB)
Book Chapter
An Architecture for Provably Secure Computation
Miklós Ajtai, Cynthia Dwork and Larry Stockmeyer
Lecture Notes in Computer Science, 2006, Volume 3887, LATIN 2006: Theoretical Informatics, Pages 56-67
- Download PDF (358.6 KB)
Book Chapter
Remote Integrity Checking
How to Trust Files Stored on Untrusted Servers
Yves Deswarte, Jean-Jacques Quisquater and Ayda Saïdane
IFIP International Federation for Information Processing, 2004, Volume 140, Integrity and Internal Control in Information Systems VI, Pages 1-11
- Download PDF (367.4 KB)

Abstract

A basic method in computer security is to perform integrity checks on the file system to detect the installation of malicious programs, or the modification of sensitive files. Integrity tools to date rely on the operating system to function correctly, so once the operating system is compromised even a novice attacker can easily defeat these tools. A novel way to overcome this problem is the use of an independent auditor, which uses an out-of-band verification process that does not depend on the underlying operating system. In this paper we present a definition of independent auditors and a specific implementation of an independent auditor using an embedded system attached to the PCI bus.

This work funded in part by DARPA grant #F306020120535

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

Using Independent Auditors as Intrusion Detection Systems

View Related Documents

Abstract

Fulltext Preview