AccountabilityFS: A File System Monitor for Forensic Readiness
Chapter
Accepted version
Åpne
Permanent lenke
http://hdl.handle.net/11250/2639688Utgivelsesdato
2014Metadata
Vis full innførselSamlinger
Originalversjon
10.1109/JISIC.2014.61Sammendrag
We present a file system monitor, AccountabilityFS, which prepares an organization for forensic analysis and incident investigation in advance by ensuring file system operation traces readily available. We demonstrate the feasibility of AccountabilityFS in terms of performance and storage overheads, and prove its reliability against malware attacks. AccountabilityFS: A File System Monitor for Forensic Readiness