Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICDCSW
2005
IEEE
2005
IEEE
Forensix: A Robust, High-Performance Reconstruction System
When computer intrusions occur, one of the most costly, time-consuming, and human-intensive tasks is the analysis and recovery of the compromised system. At a time when the cost of human resources dominates the cost of CPU, network, and storage resources, we argue that computing systems should, in fact, be built with automated analysis and recovery as a primary goal. Towards this end, we describe the design, implementation, and evaluation of Forensix: a robust, high-precision reconstruction and analysis system for supporting the computer equivalent of “TiVo”. Forensix uses three key mechanisms to improve the accuracy and reduce the human overhead of performing forensic analysis. First it performs comprehensive monitoring of the execution of a target system at the kernel event level, giving a high-resolution, application-independent view of all activity. Second, it streams the kernel event information, in real-time, to append-only storage on a separate, hardened, logging machine, m...
Real-time TrafficDistributed And Parallel Computing | Forensic Analysis | ICDCSW 2005 | Kernel Event | Kernel Event Level |
| Added | 24 Jun 2010 |
| Updated | 24 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | ICDCSW |
| Authors | Ashvin Goel, Wu-chang Feng, David Maier, Wu-chi Feng, Jonathan Walpole |
Comments (0)
Researcher Info
|
