ABHIJIT PATHAK. Roadmap: Introduction, System Overview, System Architecture, Detailed Design.

Presentation transcript:

ABHIJIT PATHAK

Roadmap
- Introduction
- System Overview
- System Architecture
- Detailed Design
- Fault Tolerance
- Results
- Future Work

Introduction
- Inherent security threats in networking
- What is a file integrity checker?
- Concept of mobile agents
- File Integrity Checker with Mobile Agents

System Overview
- Ajanta Mobile Agent Platform
- FileProc Agent and FileMon Agent
- Two Phase Operation of System
  - Initialization Phase
  - Monitoring Phase
- User Interface

System Architecture
- Ajanta Architecture Overview
- File Integrity Checker Architecture

File Integrity Checker Architecture
[Figure: architecture diagram with the labels Launching Host, Launcher, Database, FP, Host A, Host B, Host C, Agent Server, FM]
FM – File Monitor Agent
FP – File Processor Agent

Design Alternatives
- Agent Carrying File Signatures
- Agent Carrying File Names
- Implementation Decision Factors
  - Avoid carrying signatures
  - Lightweight Agents

Important Features
- Usability and Flexibility
- Creation of multiple Agent pairs
- Monitoring with various frequencies
- Catering to different monitoring attributes

Monitoring Options
- Host Based Settings
  - Recursive monitoring of directories
  - Non-recursive monitoring of directories
  - Exclusion of files/directories
- File/Directory based settings
  - Specifying various attributes

Configuration File
host:newton.cs.umn.edu
/home/grad09/apathak/proj -a
!/usr/lib/link_audit/64
/usr/include -ab
=/dev -ai

Configuration Flags
-a: Ignore changes in last access time
-m: Ignore changes in last modification time
-c: Ignore changes in file creation time
-i: Ignore change in i-node information
-u: Ignore change in user id of file owner
-g: Ignore change in group id of file owner
-s: Ignore change in file size
-b: Ignore change in allocated disk blocks for file
-p: Ignore change in access permissions
-h: Ignore change in the file contents hash value

Launcher
- Extension of Agent Server
- Parsing the Configuration file and generating itinerary
- Creation and Launch of Agents
- User Interface thread
- Three Launching Modes
  - Initialization and Monitoring
  - Initialize only
  - Monitor only

Database Design
- Signature Tables
  - File Attributes with hostnames
  - Directory-file name mapping tables
- Event Table
  - File Added Event
  - File Deleted Event
  - File Changed Event
- Report Generator tool
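An added example, not code from the presentation or from Ajanta: a minimal baseline-versus-current comparison that honours the ignore flags from the Configuration Flags slide and emits the three event types from the Database Design slide. The field names, the choice of SHA-256, the mapping of -c to st_ctime and the file names in demo() are assumptions of this example.

```python
import hashlib, os, pathlib, tempfile

# Flag letter -> signature field it mutes (letters from the Configuration Flags slide).
# Assumption: "c" maps to st_ctime, which on Unix is the inode change time.
FLAG_FIELDS = {"a": "atime", "m": "mtime", "c": "ctime", "i": "inode", "u": "uid",
               "g": "gid", "s": "size", "b": "blocks", "p": "mode", "h": "hash"}

def signature(path):
    """Stat attributes plus a content hash (SHA-256 is this example's choice)."""
    st = os.stat(path)
    with open(path, "rb") as f:
        digest = hashlib.sha256(f.read()).hexdigest()
    return {"atime": st.st_atime_ns, "mtime": st.st_mtime_ns, "ctime": st.st_ctime_ns,
            "inode": st.st_ino, "uid": st.st_uid, "gid": st.st_gid, "size": st.st_size,
            "blocks": getattr(st, "st_blocks", 0), "mode": st.st_mode, "hash": digest}

def snapshot(root):
    """Recursive monitoring: map each file's relative path to its signature."""
    return {os.path.relpath(os.path.join(d, n), root): signature(os.path.join(d, n))
            for d, _, names in os.walk(root) for n in names}

def compare(baseline, current, flags=""):
    """Return (event, path, changed_fields) tuples; flags such as '-ab' mute fields."""
    ignored = {FLAG_FIELDS[c] for c in flags.lstrip("-")}
    events = []
    for path in sorted(baseline.keys() | current.keys()):
        if path not in current or path not in baseline:
            events.append(("deleted" if path in baseline else "added", path, []))
            continue
        diff = sorted(k for k, v in baseline[path].items()
                      if k not in ignored and v != current[path][k])
        if diff:
            events.append(("changed", path, diff))
    return events

def demo():
    """Constructed scenario: same-size replacement, one deletion, one addition."""
    with tempfile.TemporaryDirectory() as tmp:
        root = pathlib.Path(tmp)
        (root / "tool").write_bytes(b"AAAA")
        (root / "old.log").write_bytes(b"line\n")
        base = snapshot(root)
        (root / "tool").write_bytes(b"BBBB")   # same name and size, new contents
        (root / "old.log").unlink()
        (root / "new.cfg").write_bytes(b"x")
        now = snapshot(root)
    return compare(base, now, "-amcib"), compare(base, now, "-amcibh")

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The second result in demo() shows the cost of adding -h on top of the timestamp flags: the same-name, same-size replacement no longer produces a changed event.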

Fault Tolerance
- Failure of Agent Server
  - Additional intelligence in Agents
- Failure of Agents
  - User configurable timeout mechanism

Results
- The system is deployed on 15 hosts
- Average statistics per host
  - Number of files: 8830
  - File size (in bytes): 20757
  - Bytes sent per file: 175
  - Agent residency time: Approx. 8 minutes
- Type of files being monitored
  - System Binaries
  - System Libraries
  - System Header files

Results
The following scenarios were detected successfully:
- Changing contents of log files by removing or adding single and/or multiple lines
- Changing owner information of file
- Moving files to and from various directories
- Replacing binary file with another file with same name and size

Results
- Removing entire directory recursively with all files in it
- Changing file deep in directory hierarchy for recursive monitoring mode
- Changing access times of the files by opening those without modifications

Future Work
- Sensing the load on hosts before launching Agents
- Customizing Report Generating tool
- Integration of Launcher and Report Generation UI
- Porting System to various platforms including Windows NT

Thank You