An intrusion detection system which can restore altered data

Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We propose an intrusion detection system. Our system can detect the alteration of data in memory and also can restore altered data. This type of intrusion detection system has been proposed variously so far. But many of them can detect only a part of attacks. And as far as we know, few of them can restore altered data. Our system can detect attacks which can not be detected by existing systems and also can restore altered data. Our system protects data in the kernel area using hash functions. The overhead of accessing the kernel area and using a hash function is high. But our system reduces the frequency of accessing the kernel area and using a hash function in safety.

Original languageEnglish
Title of host publicationFourth International Conference on Information Technology and Applications, ICITA 2007
Pages29-34
Number of pages6
Publication statusPublished - Dec 3 2007
Event4th International Conference on Information Technology and Applications, ICITA 2007 - Harbin, China
Duration: Jan 15 2007Jan 18 2007

Publication series

NameFourth International Conference on Information Technology and Applications, ICITA 2007

Other

Other4th International Conference on Information Technology and Applications, ICITA 2007
CountryChina
CityHarbin
Period1/15/071/18/07

Fingerprint

Hash functions
Intrusion detection
Data storage equipment

All Science Journal Classification (ASJC) codes

  • Computer Science(all)

Cite this

Nagano, F., Tatara, K., Tabata, T., & Sakurai, K. (2007). An intrusion detection system which can restore altered data. In Fourth International Conference on Information Technology and Applications, ICITA 2007 (pp. 29-34). (Fourth International Conference on Information Technology and Applications, ICITA 2007).

An intrusion detection system which can restore altered data. / Nagano, Fumiaki; Tatara, Kohei; Tabata, Toshihiro; Sakurai, Kouichi.

Fourth International Conference on Information Technology and Applications, ICITA 2007. 2007. p. 29-34 (Fourth International Conference on Information Technology and Applications, ICITA 2007).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Nagano, F, Tatara, K, Tabata, T & Sakurai, K 2007, An intrusion detection system which can restore altered data. in Fourth International Conference on Information Technology and Applications, ICITA 2007. Fourth International Conference on Information Technology and Applications, ICITA 2007, pp. 29-34, 4th International Conference on Information Technology and Applications, ICITA 2007, Harbin, China, 1/15/07.
Nagano F, Tatara K, Tabata T, Sakurai K. An intrusion detection system which can restore altered data. In Fourth International Conference on Information Technology and Applications, ICITA 2007. 2007. p. 29-34. (Fourth International Conference on Information Technology and Applications, ICITA 2007).
Nagano, Fumiaki ; Tatara, Kohei ; Tabata, Toshihiro ; Sakurai, Kouichi. / An intrusion detection system which can restore altered data. Fourth International Conference on Information Technology and Applications, ICITA 2007. 2007. pp. 29-34 (Fourth International Conference on Information Technology and Applications, ICITA 2007).
@inproceedings{7544bb8a072342dcb0a1b7295ddfd466,
title = "An intrusion detection system which can restore altered data",
abstract = "We propose an intrusion detection system. Our system can detect the alteration of data in memory and also can restore altered data. This type of intrusion detection system has been proposed variously so far. But many of them can detect only a part of attacks. And as far as we know, few of them can restore altered data. Our system can detect attacks which can not be detected by existing systems and also can restore altered data. Our system protects data in the kernel area using hash functions. The overhead of accessing the kernel area and using a hash function is high. But our system reduces the frequency of accessing the kernel area and using a hash function in safety.",
author = "Fumiaki Nagano and Kohei Tatara and Toshihiro Tabata and Kouichi Sakurai",
year = "2007",
month = "12",
day = "3",
language = "English",
isbn = "0980326702",
series = "Fourth International Conference on Information Technology and Applications, ICITA 2007",
pages = "29--34",
booktitle = "Fourth International Conference on Information Technology and Applications, ICITA 2007",

}

TY - GEN

T1 - An intrusion detection system which can restore altered data

AU - Nagano, Fumiaki

AU - Tatara, Kohei

AU - Tabata, Toshihiro

AU - Sakurai, Kouichi

PY - 2007/12/3

Y1 - 2007/12/3

N2 - We propose an intrusion detection system. Our system can detect the alteration of data in memory and also can restore altered data. This type of intrusion detection system has been proposed variously so far. But many of them can detect only a part of attacks. And as far as we know, few of them can restore altered data. Our system can detect attacks which can not be detected by existing systems and also can restore altered data. Our system protects data in the kernel area using hash functions. The overhead of accessing the kernel area and using a hash function is high. But our system reduces the frequency of accessing the kernel area and using a hash function in safety.

AB - We propose an intrusion detection system. Our system can detect the alteration of data in memory and also can restore altered data. This type of intrusion detection system has been proposed variously so far. But many of them can detect only a part of attacks. And as far as we know, few of them can restore altered data. Our system can detect attacks which can not be detected by existing systems and also can restore altered data. Our system protects data in the kernel area using hash functions. The overhead of accessing the kernel area and using a hash function is high. But our system reduces the frequency of accessing the kernel area and using a hash function in safety.

UR - http://www.scopus.com/inward/record.url?scp=36448965564&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=36448965564&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:36448965564

SN - 0980326702

SN - 9780980326703

T3 - Fourth International Conference on Information Technology and Applications, ICITA 2007

SP - 29

EP - 34

BT - Fourth International Conference on Information Technology and Applications, ICITA 2007

ER -