Automatic high-performance reconstruction and recovery

Computer Networks

Volumn 51, Issue 5, 2007, Pages 1361-1377

  Goel, Ashvin ^a   Feng, Wu chang ^b   Feng, Wu chi ^b   Maier, David ^b  

^a UNIVERSITY OF TORONTO   (Canada)

^b Portland State University   (United States)

Author keywords

Auditing; Computer forensics; Operating systems; Self healing computers

Indexed keywords

COMPUTER OPERATING SYSTEMS; COMPUTER SYSTEM RECOVERY; DATABASE SYSTEMS; PATTERN RECOGNITION;

AUTOMATIC HIGH-PERFORMANCE RECONSTRUCTION; FORENSIX SYSTEM; KERNEL EVENT LEVEL; SELF-HEALING COMPUTERS; SELF-PROTECTING SYSTEMS;

SECURITY OF DATA;

EID: 33846240903     PISSN: 13891286     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.comnet.2006.09.013     Document Type: Article

References (47)

1. 4N6 Developers. The Forensix Project. .
2. Armando Fox, David Patterson, Self-repairing computers, Scientific American, September 2004.
3. P.T. Barham, A. Donnelly, R. Isaacs, R. Mortier, Using magpie for request extraction and workload modelling, in: Proceedings of the USENIX Symposium on Operating Systems Design and Implementation, 2004, pp. 259-272.
4. Bernaschi M., Gabrielli E., and Mancini L. REMUS: a security-enhanced operating system. ACM Transactions on Information and System Security 5 1 (2002)
5. Bishop M., and Dilger M. Checking for race conditions in file accesses. Computer Systems 9 2 (1996) 131-152
6. Bobbie Harder, Microsoft windows system restore, April 2001. .
7. A.B. Brown, D.A. Patterson, Undo for operators: building an undoable e-mail store, in: Proceedings of the USENIX Technical Conference, 2003, pp. 1-14.
8. J.S. Chase, D.C. Anderson, P.N. Thakar, A. Vahdat, R.P. Doyle, Managing energy and server resources in hosting centres, in: Proceedings of the Symposium on Operating Systems Principles, October 2001, pp. 103-116.
9. J. Chow, B. Pfaff, T. Garfinkel, K. Christopher, M. Rosenblum, Understanding data lifetime via whole system simulation, in: Proceedings of the USENIX Security Symposium, August 2004, pp. 321-336.
10. Clarke I., Hong T.W., Miller S.G., Sandberg O., and Wiley B. Protecting free expression online with Freenet. IEEE Internet Computing 6 1 (2002) 40-49
11. C. Cowan, Immunix: Adaptive system survivability, 1998. , .
12. Crosbie M., and Kuperman B. A building block approach to intrusion detection. Recent Advances in Intrusion Detection (RAID 2001) (2001), Springer, Davis, California
13. F. Dabek, M.F. Kaashoek, D. Karger, R. Morris, I. Stoica, Wide-area cooperative storage with CFS, in: Proceedings of the Symposium on Operating Systems Principles, October 2001.
14. G. Dunlap, S. King, S. Cinar, M. Basrai, P. Chen, ReVirt: Enabling intrusion analysis through virtual-machine logging and replay, in: Proceedings of OSDI, December 2002.
15. S. Eckmann, G. Vigna, R. Kemmerer, STATL: An Attack Language for State-based Intrusion Detection. Technical report, 2000.
16. Edward C. Bailey, Maximum RPM.Sams, August 1997.
17. E. Eskin, W. Lee, S. Stolfo, Modeling system calls for intrusion detection with dynamic window sizes, in: Proceedings of DARPA Information Survivability Converence and Exposition II, June 2001.
18. T. Garfinkel, Traps and pitfalls: practical problems in system call interposition based security tools, in: Proceedings of the Network and Distributed System Security Symposium, February 2003.
19. I. Goldberg, D. Wagner, R. Thomas, E.A. Brewer, A secure environment for untrusted helper applications, in: Proceedings of the USENIX Security Symposium, 1996.
20. Hofmeyr S.A., Forrest S., and Somayaji A. Intrusion detection using sequences of system calls. Journal of Computer Security 6 3 (1998) 151-180
21. K. Ilgun, USTAT: A real-time intrusion detection system for UNIX, Technical report, 1992.
22. G.H. Kim, E.H. Spafford, The design and implementation of tripwire: a file system integrity checker, in: ACM Conference on Computer and Communications Security, 1994, pp. 18-29.
23. S.T. King, P.M. Chen, Backtracking intrusions, in: Proceedings of the Symposium on Operating Systems Principles, October 2003.
24. C. Kruegel, D. Mutz, F. Valeur, G. Vigna, On the detection of anomalous system call arguments, in: ESORICS, 2003.
25. P. Kumar, M. Satyanarayanan, Flexible and safe resolution of file conflicts, in: Proceedings of the USENIX Technical Conference, USENIX, January 1995, pp. 95-106.
26. K. Mitnick, Takedown Transcripts: 1995 Feb 5 11:48:08, February 1995. .
27. D. Pilania, T. cker Chiueh, Design, implementation, and evaluation of an intrusion resilient database system. Technical Report TR-124, SUNY, Stony Brook, April 2005.
28. P. Porras, STAT: A state transition analysis tool for intrusion detection, Technical report, 1992.
29. N. Provos, Improving host security with system call policies, in: Proceedings of the USENIX Security Symposium, August 2003, pp. 257-272.
30. T. Ptacek, T. Newsham, Insertion, evasion, and denial of service: eluding network intrusion detection, Technical report, 1998.
31. P. Reiher, J.S. Heidemann, D. Ratner, G. Skinner, G.J. Popek, Resolving file conflicts in the Ficus file system, in: USENIX Technical Conference, USENIX, June 1994, pp. 183-195.
32. S. Quinlan, S. Dorward, Venti: A new approach to archival storage, in: Proceedings of Conference on File and Storage Technologies (FAST), January 2002.
33. D.S. Santry, M.J. Feeley, N.C. Hutchinson, A.C. Veitch, R.W. Carton, J. Ofir, Deciding when to forget in the Elephant file system, in: Proceedings of the Symposium on Operating Systems Principles, December 1999, pp. 110-123.
34. sd and devik.Linux on-the-fly kernel patching without LKM, Phrack (58), December 2001.
35. R. Sekar, M. Bendre, D. Dhurjati, P. Bollineni, A fast automaton-based method for detecting anomalous program behaviors, in: IEEE Symposium on Security and Privacy, May 2001.
36. R. Sekar, P. Uppuluri, Synthesizing fast intrusion prevention/detection systems from high-level specifications, in: Proceedings of the USENIX Security Symposium, August 1999, pp. 63-78.
37. J. Semke, J. Mahdavi, M. Mathis, Automatic TCP buffer tuning, in: Proceedings of the ACM SIGCOMM, 1998, pp. 315-323.
38. Slashdot, Slashdot FAQ, 2000. .
39. A. Somayaji, S. Forrest, Automated response using system-call delays, in: Proceedings of the USENIX Security Symposium, August 2000, pp. 185-198.
40. C.A.N. Soules, G.R. Goodson, J.D. Strunk, G.R. Ganger, Metadata efficiency in versioning file systems, in: Proceedings of the USENIX Conference on File and Storage Technologies, 2003, pp. 43-58.
41. J.D. Strunk, G.R. Goodson, M.L. Scheinholtz, C.A.N. Soules, G.R. Ganger, Self-securing storage: protecting data in compromised systems, in: Proceedings of the USENIX Symposium on Operating Systems Design and Implementation, 2000, pp. 165-180.
42. Suh G.E., Lee J.W., Zhang D., and Devadas S. Secure program execution via dynamic information flow tracking. ACM SIGARCH Computer Architecture News 32 5 (2004) 85-96
43. W. Sun, Z. Liang, R. Sekar, V. Venkatakrishnan, One-way isolation: an effective approach for realizing safe execution environments, in: Proceedings of the Network and Distributed System Security Symposium, February 2005.
44. D.B. Terry, M.M. Theimer, K. Petersen, A.J. Demers, M.J. Spreitzer, C.H. Hauser, Managing update conflicts in Bayou, a weakly connected replicated storage system, in: Proceedings of the 15th Symposium on Operating Systems Principles, December 1995, pp. 172-183.
45. The Honeynet Project and Research Alliance. Know Your Enemy: Phishing, May 2005. .
46. H. Xie, P. Biondi, Linux Intrusion Detection System (LIDS) Project. .
47. N. Zhu, T.-C. Chiueh, Design, implementation, and evaluation of repairable file service, in: Proceedings of the IEEE Dependable Systems and Networks, June 2003, pp. 217-226.