Title :
A File Integrity Monitoring System Based on Virtual Machine
Author :
Zhu Wang ; Tao Huang ; Sha Wen
Author_Institution :
Grad. Sch. of Arts & Sci., New York Univ., New York, NY, USA
Abstract :
This paper describes the design and implementation of a file integrity monitoring system, named FSGuard, based on the virtualization software Xen. Monitored system (DomU) runs in full virtualized mode on Xen, therefore it is unable to perceive the existence of the underlying VMM, but its system calls related to file operations are recorded in real time. User mode programs in DomU provide configuration and management interface, so that the administrator can assign a certain DomU to specify the access control policy and a list of files that need to be protected. These characters make FSGuard possible to monitor file operations in real time, and get feedback through the user mode program in DomU.
Keywords :
authorisation; computerised monitoring; data integrity; file organisation; user interfaces; virtual machines; virtualisation; DomU system; FSGuard; VMM; Xen virtualization software; access control policy; configuration interface; file integrity monitoring system design; file integrity monitoring system implementation; file operations; file protection; management interface; system call recording; user mode program; virtual machine; Biomedical monitoring; Kernel; Monitoring; Real-time systems; Registers; Virtualization;
Conference_Titel :
Instrumentation, Measurement, Computer, Communication and Control (IMCCC), 2012 Second International Conference on
Conference_Location :
Harbin
Print_ISBN :
978-1-4673-5034-1
DOI :
10.1109/IMCCC.2012.396
