Please use this identifier to cite or link to this item:
|Title:||A user-level framework for auditing and monitoring||Authors:||Wu, Y.
|Issue Date:||2005||Citation:||Wu, Y.,Yap, R.H.C. (2005). A user-level framework for auditing and monitoring. Proceedings - Annual Computer Security Applications Conference, ACSAC 2005 : 95-105. ScholarBank@NUS Repository. https://doi.org/10.1109/CSAC.2005.8||Abstract:||Logging and auditing is an important system facility for monitoring correct system operation and for detecting potential security problems. We present an architecture for implementing user-level auditing monitors which: (i) does not require superuser privileges; (ii) makes it simple to create user defined monitors which are transparent; and (iii) provides security guarantees such as mandatory and reliable monitoring while maintaining confidentiality of setuid processes. We avoid problems of self-referential monitoring. Monitor use policies can be specified to increase flexibility. We show that our framework can be tailored so that it is very efficient with low overhead on macro and micro benchmarks. This demonstrates that it is feasible to make use of arbitrary and programmable user-level monitors for system security and auditing applications. © 2005 IEEE.||Source Title:||Proceedings - Annual Computer Security Applications Conference, ACSAC||URI:||http://scholarbank.nus.edu.sg/handle/10635/42189||ISBN:||0769524613||ISSN:||10639527||DOI:||10.1109/CSAC.2005.8|
|Appears in Collections:||Staff Publications|
Show full item record
Files in This Item:
There are no files associated with this item.
checked on Jun 24, 2019
checked on Jun 22, 2019
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.