Journal Article10.3233/JCS-2003-11303
A checksum-based corruption detection technique
7
TL;DR: A technique called Check2 is presented that also relies on signatures for detecting corruption of files and guarantees that any change of a file and the corresponding signature will require an attacker to perform a very lengthy chain of precise changes to successfully complete the corruption in an undetected manner.
read more
Abstract: We consider the problem of malicious attacks that lead to corruption of files in a file system. A typical method to detect such corruption is to compute signatures of all the files and store these signatures in a secure place. A malicious modification of a file can be detected by verifying the signature. This method, however, leaves the system vulnerable to an attacker who has access to some of the files and the signatures (but not the signing transformation) and who replaces some of the files by their old versions and the corresponding signatures by the signatures of the old versions.In this paper, we present a technique called Check2 that also relies on signatures for detecting corruption of files. The novel feature of our approach is that we compute additional levels of signatures to guarantee that any change of a file and the corresponding signature will require an attacker to perform a very lengthy chain of precise changes to successfully complete the corruption in an undetected manner. If an attacker fails to complete all the required changes, Check2 can be used to pinpoint which files have been corrupted. Two alternative ways of implementing Check2 are offered, the first using a deterministic way of combining signatures and the second using a randomized scheme. Our results show that the overhead added to the system is minimal.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
A novel watermarking scheme for detecting and recovering distortions in database tables
TL;DR: A novel fragile watermarking scheme is proposed to detect, localize and recover malicious modifications in relational databases and results show that this scheme is so qualified that distortion detection and true data recovery both are performed successfully.
•Posted Content
A Novel Watermarking Scheme for Detecting and Recovering Distortions in Database Tables
TL;DR: In this article, a fragile watermarking scheme is proposed to detect, localize and recover malicious modifications in relational databases, where all tuples in the database are first securely divided into groups and watermarks are embedded and verified group-by-group independently.
20
Security and scalability of remote entrusting protection
Vasily Desnitsky,Igor Kotenko +1 more
- 08 Sep 2010
TL;DR: The goal of the paper is to propose a technique allowing choosing the most effective combination of different protection methods to apply, aimed at finding a trade-off between performance of the protection mechanism and its security, ensuring both a necessary security level and an appropriate scalability.
2
Patent
Method and system providing extended and end-to-end data integrity through database and other system layers
Blair K. Adamache,Kenneth Wayne Boyd,Robert Frederic Kern,Jeffrey W. Palm,Mark Francis Wilding +4 more
- 26 Sep 2007
TL;DR: In this article, the authors propose an end-to-end data integrity system where at least a portion of data protection is provided for the information, the data protection causing the information to be protected from corruption between a system layer and the physical storage medium where the system layer is a separate layer provided closer to the application end of the system than the database server layer.
2
References
A √N algorithm for mutual exclusion in decentralized systems
TL;DR: An algorithm is presented that uses only only c√N messages to create mutual exclusion in a computernetwork, where N is the number of nodes and c is a constant between 3 and 5.
Experiences with Tripwire: Using Integrity Checkers for Intrusion Detection
Gene Kim,Eugene H. Spafford +1 more
- 01 Jan 1994
TL;DR: An overview of Trip wire is described, emphasizing the salient aspects of Tripwire configuration that supports its use at sites employing modern variants of the UNIX operating system, and experiences with how Tripwire has been used in “in the field” are presented.
A fast software one-way hash function
TL;DR: This work presents a candidate one-way hash function which appears to have these desirable properties; resistant to cryptographic attack, and fast when implemented in software.
139
A class of randomized strategies for low-cost comparison of file copies
Daniel Barbará,R.J. Lipton +1 more
TL;DR: A class of algorithms that use randomized signatures to compare remotely located file copies is presented and a comparison of these techniques is discussed.
45