{"title":"FABS: file and block surveillance system for determining anomalous disk accesses","authors":"P. Stanton, W. Yurcik, L. Brumbaugh","doi":"10.1109/IAW.2005.1495954","DOIUrl":null,"url":null,"abstract":"Despite increasingly sophisticated security measures, attackers have continued to find ways to gain access to stored data with impacts including data disclosure, modification, or deletion. There currently exist no tools independent of the operating system to monitor storage status. The authors introduced FABS as a comprehensive tool to monitor storage for anomalous accesses. A scalable GUI prototype, VisFlowConnect-SS, which represents storage accesses visually to human operators, was also introduced. The goal is an integrated storage-based monitoring system that provides intrusion detection, minimizes attack damage, and assists with post-attack forensic analysis.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAW.2005.1495954","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
FABS: file and block surveillance system for determining anomalous disk accesses
Despite increasingly sophisticated security measures, attackers have continued to find ways to gain access to stored data with impacts including data disclosure, modification, or deletion. There currently exist no tools independent of the operating system to monitor storage status. The authors introduced FABS as a comprehensive tool to monitor storage for anomalous accesses. A scalable GUI prototype, VisFlowConnect-SS, which represents storage accesses visually to human operators, was also introduced. The goal is an integrated storage-based monitoring system that provides intrusion detection, minimizes attack damage, and assists with post-attack forensic analysis.