Hardware-Assisted Intrusion Detection by Preserving Reference Information Integrity
Abstract
Malware detectors and integrity checkers detect malicious activities by comparing against reference data. To ensure their trustworthy operation, it is crucial to protect the reference data from unauthorized modification. This paper proposes the Soteria Security Card (SSC), an append-only storage. To the best of our knowledge, this work is the first to introduce the concept of an append-only storage and its application to information security. The SSC framework allows only read and append operations, and forbids over-write and erase operations. By exploiting this trait, we can protect the reference data that must be updated constantly. It is demonstrated how SSC facilitates log protection and file integrity checking.
Similar resources
Intrusion Detection based on a Novel Hybrid Learning Approach
Information security and Intrusion Detection System (IDS) plays a critical role in the Internet. IDS is an essential tool for detecting different kinds of attacks in a network and maintaining data integrity, confidentiality and system availability against possible threats. In this paper, a hybrid approach towards achieving high performance is proposed. In fact, the important goal of this paper ...
Integrity Model based Intrusion Detection System: A Practical Approach
Information is considered to be an asset for any organizations. Malicious attacks/threats can compromise the security and trust of a system, which shall be controlled by introducing Intrusion Detection System. In order to offer maximum security for the confidential data and the corresponding data integrity, a novel Integrity model based Intrusion Detection system is proposed. Hence, the optimum...
Information Modeling for Intrusion Report Aggregation
This paper describes the SCYLLARUS approach to fusing reports from multiple intrusion detection systems (IDSes) to provide an overall approach to intrusion situation awareness. The overall view provided by SCYLLARUS centers around the site’s security goals, aggregating large numbers of individual IDS reports based on their impact. The overall view reduces information overload by aggregating mult...
A New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks
By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...
Intrusion Detection using C4.5: Performance Enhancement by Classifier Combination
Data Security has become a very critical part of any organizational information system. Intrusion Detection System (IDS) is used as a security measure to preserve data integrity and system availability from various attacks. This paper evaluates the performance of C4.5 classifier and its combination using bagging, boosting and stacking over NSLKDD dataset for IDS. This dataset set consists of se...
Publication date: 2013