Open Library logo
New Feature: You can now embed Open Library books on your website!   Learn More
Last edited by WorkBot
January 24, 2010 | History

Determining intrusion activity for file-system recovery 1 edition

Determining intrusion activity for file-system recovery
Kai Yi Po

No ebook available.

Prefer the physical book? Check nearby libraries with:

Buy this book

There's no description for this book yet. Can you add one?
There is only 1 edition record, so we'll show it here...  •  Add edition?

Determining intrusion activity for file-system recovery.

Published 2005 .
Written in English.

About the Book

Recovery from intrusions is typically a very time-consuming and error-prone task because the precise details of an attack may not be known. The wide availability of attack toolkits that install modified utility programs and erase log files to hide an attack further complicates this problem. This thesis explores a fast and accurate method for determining intrusion activity for file-system recovery. Given an audit log of all system activities, our approach uses dependency analysis to determine the set of intrusion-related activities. This approach effectively detects all attack-related activities, but it can falsely mark legitimate activities as related to an intrusion. Hence, we propose various enhancements to improve the accuracy of the analysis. This approach is implemented as part of the Taser intrusion recovery system. Our evaluation shows that Taser is effective in recovering from the damage caused by a wide range of intrusions and system management errors.

Edition Notes

Source: Masters Abstracts International, Volume: 44-02, page: 0942.

Thesis (M.A.Sc.)--University of Toronto, 2005.

Electronic version licensed for access by U. of T. users.

GERSTEIN MICROTEXT copy on microfiche (1 microfiche).

The Physical Object

51 leaves.
Number of pages

ID Numbers

Open Library


Download catalog record: RDF / JSON
January 24, 2010 Edited by WorkBot add more information to works
December 11, 2009 Created by WorkBot add works page