File integrity monitor scheduling based on file security level classification
Integrity of operating system components must be carefully handled in order to optimize the system security. Attackers always attempt to alter or modify these related components to achieve their goals. System files are common targets by the attackers. File integrity monitoring tools are widely used...
| Main Authors: | , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
Springer
2011
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/76646/ http://psasir.upm.edu.my/id/eprint/76646/1/File%20integrity%20monitor%20scheduling%20based%20on%20file%20security%20level%20classification.pdf |
| _version_ | 1848858027321458688 |
|---|---|
| author | Abdullah, Zul Hilmi Udzir, Nur Izura Mahmod, Ramlan Samsudin, Khairulmizam |
| author_facet | Abdullah, Zul Hilmi Udzir, Nur Izura Mahmod, Ramlan Samsudin, Khairulmizam |
| author_sort | Abdullah, Zul Hilmi |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | Integrity of operating system components must be carefully handled in order to optimize the system security. Attackers always attempt to alter or modify these related components to achieve their goals. System files are common targets by the attackers. File integrity monitoring tools are widely used to detect any malicious modification to these critical files. Two methods, off-line and on-line file integrity monitoring have their own disadvantages. This paper proposes an enhancement to the scheduling algorithm of the current file integrity monitoring approach by combining the off-line and on-line monitoring approach with dynamic inspection scheduling by performing file classification technique. Files are divided based on their security level group and integrity monitoring schedule is defined based on related groups. The initial testing result shows that our system is effective in on-line detection of file modification. |
| first_indexed | 2025-11-15T12:06:55Z |
| format | Conference or Workshop Item |
| id | upm-76646 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T12:06:55Z |
| publishDate | 2011 |
| publisher | Springer |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-766462020-02-05T04:25:30Z http://psasir.upm.edu.my/id/eprint/76646/ File integrity monitor scheduling based on file security level classification Abdullah, Zul Hilmi Udzir, Nur Izura Mahmod, Ramlan Samsudin, Khairulmizam Integrity of operating system components must be carefully handled in order to optimize the system security. Attackers always attempt to alter or modify these related components to achieve their goals. System files are common targets by the attackers. File integrity monitoring tools are widely used to detect any malicious modification to these critical files. Two methods, off-line and on-line file integrity monitoring have their own disadvantages. This paper proposes an enhancement to the scheduling algorithm of the current file integrity monitoring approach by combining the off-line and on-line monitoring approach with dynamic inspection scheduling by performing file classification technique. Files are divided based on their security level group and integrity monitoring schedule is defined based on related groups. The initial testing result shows that our system is effective in on-line detection of file modification. Springer 2011 Conference or Workshop Item PeerReviewed text en http://psasir.upm.edu.my/id/eprint/76646/1/File%20integrity%20monitor%20scheduling%20based%20on%20file%20security%20level%20classification.pdf Abdullah, Zul Hilmi and Udzir, Nur Izura and Mahmod, Ramlan and Samsudin, Khairulmizam (2011) File integrity monitor scheduling based on file security level classification. In: Second International Conference on Software Engineering and Computer Systems (ICSECS 2011), 27-29 June 2011, Kuantan, Pahang, Malaysia. (pp. 177-189). https://link.springer.com/chapter/10.1007/978-3-642-22191-0_16 10.1007/978-3-642-22191-0_16 |
| spellingShingle | Abdullah, Zul Hilmi Udzir, Nur Izura Mahmod, Ramlan Samsudin, Khairulmizam File integrity monitor scheduling based on file security level classification |
| title | File integrity monitor scheduling based on file security level classification |
| title_full | File integrity monitor scheduling based on file security level classification |
| title_fullStr | File integrity monitor scheduling based on file security level classification |
| title_full_unstemmed | File integrity monitor scheduling based on file security level classification |
| title_short | File integrity monitor scheduling based on file security level classification |
| title_sort | file integrity monitor scheduling based on file security level classification |
| url | http://psasir.upm.edu.my/id/eprint/76646/ http://psasir.upm.edu.my/id/eprint/76646/ http://psasir.upm.edu.my/id/eprint/76646/ http://psasir.upm.edu.my/id/eprint/76646/1/File%20integrity%20monitor%20scheduling%20based%20on%20file%20security%20level%20classification.pdf |