Title
File Integrity Monitor Scheduling Based on File Security Level Classification.
Abstract
Integrity of operating system components must be carefully handled in order to optimize the system security. Attackers always attempt to alter or modify these related components to achieve their goals. System files are common targets of attackers. File integrity monitoring tools are widely used to detect any malicious modification to these critical files. Two methods, off-line and on-line file integrity monitoring, have their own disadvantages. This paper proposes an enhancement to the scheduling algorithm of the current file integrity monitoring approach by combining the off-line and on-line monitoring approaches with dynamic inspection scheduling by performing a file classification technique. Files are divided based on their security level group, and the integrity monitoring schedule is defined based on related groups. The initial testing result shows that our system is effective in on-line detection of file modification.
Year: 2011
DOI: 10.1007/978-3-642-22191-0_16
Venue: Communications in Computer and Information Science
Keywords: Operating System Security, Files Integrity, Monitoring Schedule, File Security Classification, Malicious Modification, HIDS
Field: Distributed File System, SSH File Transfer Protocol, Security level, Self-certifying File System, Scheduling (computing), Computer science, Operating system security, File integrity monitoring, Operating system
DocType: Conference
Volume: 180
ISSN: 1865-0929
Citations: 2
PageRank: 0.38
References: 14
Authors: 4
Name | Order | Citations | PageRank
Zul Hilmi Abdullah | 1 | 2 | 0.72
Nur Izura Udzir | 2 | 164 | 28.44
Ramlan Mahmod | 3 | 64 | 15.11
Khairulmizam Samsudin | 4 | 92 | 13.43