• DocumentCode
    2235127
  • Title

    A Dynamic Filtering Technique for Sebek System Monitoring

  • Author

    Balas, Edward ; Travis, Gregory ; Viecco, Camilo

  • Author_Institution
    Adv. Network Manage. Lab., Indiana Univ., IN
  • fYear
    2006
  • fDate
    21-23 June 2006
  • Firstpage
    275
  • Lastpage
    282
  • Abstract
    In this paper we investigate the performance limits of system-call-based monitoring tools, using the Linux version of Sebek as a focal point. We quantify the amount of uninteresting data that it collects and illustrate the problems that this creates: detection of Sebek, amount of work to analyze data, and data privacy. To mitigate these problems we propose a dynamic filtering technique. Finally, we evaluate the performance of an implementation of this technique.
  • Keywords
    Linux; security of data; system monitoring; Linux version; Sebek system monitoring; dynamic filtering technique; Cryptography; Data analysis; Data privacy; Filtering; History; Instruments; Kernel; Linux; Monitoring; Performance analysis;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Information Assurance Workshop, 2006 IEEE
  • Conference_Location
    West Point, NY
  • Print_ISBN
    1-4244-0130-5
  • Type

    conf

  • DOI
    10.1109/IAW.2006.1652106
  • Filename
    1652106