Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: Special Supplement Issue in Section A and B: Selected Papers from the ISCA International Conference on Software Engineering and Data Engineering, 2011
Guest editors: Narayan C. Debnath
Article type: Research Article
Authors: Das, Suvrojit; * | Kumar, Mohit | Ghosh, D.
Affiliations: National Institute of Technology, Durgapur, India | Department of Computer Science, Winona State University, Winona, MN, USA
Correspondence: [*] Corresponding author: Suvrojit Das, National Institute of Technology, M.G. Avenue, Durgapur 713209, India. Tel.: +91 9734294105.
Abstract: The National Institute of Standards and Technology [1] lists the importance of preservation of file time stamps for forensic and intrusion detection purposes. Most operating systems keep track of certain timestamps related to files, the most commonly used timestamps being modification, access, er, UNIX based Operating systems retain the last modification, last inode change, and last access times. This relates to the fact that operating systems only have the most recently updated file timestamp information, which along with any inaccuracies does not guarantee a successful recreation of timeline of events, for an effective incident response. This paper proposes a novel approach in terms of augmenting the core of pathname lookup operation in the LINUX kernel, towards accurate and authentic preservation of file time stamps of system wide critical files.
Keywords: Modification, access and creation date and time stamp, Host Based Intrusion Detection System (HIDS), Virtual File System (VFS), kernel function, nameidata and dentry data structures
DOI: 10.3233/JCM-2012-0438
Journal: Journal of Computational Methods in Sciences and Engineering, vol. 12, no. s1, pp. S79-S89, 2012
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl