Operating system security by integrity checking and recovery using write-protected storage
- Author(s): Jerzy Kaczmarek and Michal R. Wrobel
- Affiliations: Faculty of Electronics, Telecommunications and Informatics, Gdansk University of Technology, Gdansk, Poland
- Source: Volume 8, Issue 2, March 2014, p. 122–131
- DOI: 10.1049/iet-ifs.2012.0346, Print ISSN 1751-8709, Online ISSN 1751-8717
An integrity checking and recovery (ICAR) system is presented here, which protects file system integrity and automatically restores modified files. The system enables the generation and verification of cryptographic hashes of files, as well as the configuration of security constraints. All of the crucial data, including the ICAR system binaries, file backups and the hash database, are stored in physically write-protected storage to eliminate the threat of unauthorised modification. A buffering mechanism was designed and implemented in the system to increase operation performance. Additionally, the system supplies user tools for cryptographic hash generation and security database management. The system is implemented as a kernel extension, compliant with the Linux security model. Experimental evaluation of the system was performed and showed an approximate 10% performance degradation in secured file access compared to regular access.
Inspec keywords: Linux; database management systems; security of data
Other keywords: security database management; integrity checking and recovery system; ICAR system binaries; hashes database; file system integrity; Linux security model; system security; unauthorised modification; security constraints; cryptographic hashes generation; write-protected storage; file backups; buffering mechanism
Subjects: Data security; Operating systems; Database management systems (DBMS)