Check nearby libraries
Buy this book
When intrusions occur, two of the most costly, time-consuming, and human-intensive tasks are the analysis and recovery of the compromised system. This thesis uses a complete log of all system activities for post-facto analysis and recovery, and it shows how historical analysis tools can be implemented easily and efficiently over this complete log. These tools allow detailed analysis of real attacks.This thesis also describes a framework for efficiently recovering file-system data after an intrusion occurs or after some damage is caused by system management error. Our approach uses an efficient redo recovery approach and ensures that no legitimate data is lost after recovery by using automated conflict resolution algorithms to isolate compromised objects that are needed by legitimate operations. This framework is fully implemented and a detailed evaluation shows that it can correctly recover file-system data from a wide range of incidents.
Check nearby libraries
Buy this book
Showing 1 featured edition. View all 1 editions?
Edition | Availability |
---|---|
1 |
aaaa
Libraries near you:
WorldCat
|
Book Details
Edition Notes
Source: Masters Abstracts International, Volume: 44-02, page: 0931.
Thesis (M.A.Sc.)--University of Toronto, 2005.
Electronic version licensed for access by U. of T. users.
GERSTEIN MICROTEXT copy on microfiche (1 microfiche).
The Physical Object
ID Numbers
Community Reviews (0)
Feedback?January 24, 2010 | Edited by WorkBot | add more information to works |
December 11, 2009 | Created by WorkBot | add works page |