Abstract
A basic method in computer security is to perform integrity checks on the file system to detect the installation of malicious programs, or the modification of sensitive files. Integrity tools to date rely on the operating system to function correctly, so once the operating system is compromised even a novice attacker can easily defeat these tools. A novel way to overcome this problem is the use of an independent auditor, which uses an out-of-band verification process that does not depend on the underlying operating system. In this paper we present a definition of independent auditors and a specific implementation of an independent auditor using an embedded system attached to the PCI bus.
Cite
CITATION STYLE
Molina, J., & Arbaugh, W. (2002). Using independent auditors as intrusion detection systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2513, pp. 291–302). Springer Verlag. https://doi.org/10.1007/3-540-36159-6_25
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
