Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IEEEARES
2010
IEEE
2010
IEEE
LSM-Based Secure System Monitoring Using Kernel Protection Schemes
—Monitoring a process and its file I/O behaviors is important for security inspection for a data center server against intrusions, malware infection and information leakage. In the case of the Linux kernel 2.6, a set of hook functions called the Linux Security Module (LSM) has been implemented in order to monitor and control the system calls. By using the LSM we can inspect the activity of unknown malicious processes. However, a sophisticated attacker could breach the kernel configurations using the rootkits. Furthermore since the monitoring results of the malicious process activity are stored as a file on Hard Disk Drive (HDD), it will be easily manipulated by the attacker. In this paper, we propose a secure monitoring scheme that addresses the attacks against the monitoring module and its result for security inspection of the data center server. The monitoring module is implemented as a LSM-based function and protected by the kernel protection technique. The integrity of the mon...
Real-time Traffic| Added | 03 Jul 2010 |
| Updated | 03 Jul 2010 |
| Type | Conference |
| Year | 2010 |
| Where | IEEEARES |
| Authors | Takamasa Isohara, Keisuke Takemori, Yutaka Miyake, Ning Qu, Adrian Perrig |
Comments (0)
Researcher Info
|
