File Integrity Checkers: Functionality, Attacks, and Protection

A. Salman, Muhammad Sohaib Khan, Sarmad Idrees, F. Akram, Muhammad Junaid, A. Malik
Published in: 2022 2nd International Conference on Digital Futures and Transformative Technologies (ICoDT2), 2022-05-24
DOI: 10.1109/ICoDT255437.2022.9787428 (https://doi.org/10.1109/ICoDT255437.2022.9787428)

Abstract

Intrusion detection systems are a critical component of a network's security. They exist in a variety of shapes and sizes, with various methodologies and analytic procedures. Host-based intrusion detection systems (HIDS) operate at the host level and use a signature database (DB) or a profile for detection analysis. In all host-based systems, detection is fully dependent on the integrity of this database: if an attacker can edit the database to his liking, he can simply circumvent the HIDS. In this paper, we focus our study on file integrity checking HIDS. We study the functionality of this specific type of HIDS and various attacks against its trusted operation. Different techniques used to secure the system database have been studied; however, none was found to be flawless. We conclude that the use of blockchain can be a viable solution in the future to secure the critical database integrity in such systems.