A File Integrity Monitoring System Based on Virtual Machine

Author

Zhu Wang ; Tao Huang ; Sha Wen

Author_Institution

Grad. Sch. of Arts & Sci., New York Univ., New York, NY, USA

fYear

2012

fDate

8-10 Dec. 2012

Firstpage

653

Lastpage

655

Abstract

This paper describes the design and implementation of a file integrity monitoring system, named FSGuard, based on the virtualization software Xen. Monitored system (DomU) runs in full virtualized mode on Xen, therefore it is unable to perceive the existence of the underlying VMM, but its system calls related to file operations are recorded in real time. User mode programs in DomU provide configuration and management interface, so that the administrator can assign a certain DomU to specify the access control policy and a list of files that need to be protected. These characters make FSGuard possible to monitor file operations in real time, and get feedback through the user mode program in DomU.

Keywords

authorisation; computerised monitoring; data integrity; file organisation; user interfaces; virtual machines; virtualisation; DomU system; FSGuard; VMM; Xen virtualization software; access control policy; configuration interface; file integrity monitoring system design; file integrity monitoring system implementation; file operations; file protection; management interface; system call recording; user mode program; virtual machine; Biomedical monitoring; Kernel; Monitoring; Real-time systems; Registers; Virtualization;

fLanguage

English

Publisher

ieee

Conference_Titel

Instrumentation, Measurement, Computer, Communication and Control (IMCCC), 2012 Second International Conference on

Conference_Location

Harbin

Print_ISBN

978-1-4673-5034-1

Type

conf

DOI

10.1109/IMCCC.2012.396

Filename

6428993