Published by Abner Rodgers. Modified over 9 years ago.
1
ABHIJIT PATHAK
2
Roadmap
- Introduction
- System Overview
- System Architecture
- Detailed Design
- Fault Tolerance
- Results
- Future Work
3
Introduction
- Inherent security threats in networking
- What is a file integrity checker?
- Concept of mobile agents
- File Integrity checker with mobile Agents
4
System Overview
- Ajanta Mobile Agent Platform
- FileProc Agent and FileMon Agent
- Two Phase Operation of System
  - Initialization Phase
  - Monitoring Phase
- User Interface
5
System Architecture
- Ajanta Architecture Overview
- File Integrity Checker Architecture
6
File Integrity Checker Architecture
[Figure: architecture diagram with the labels Launching Host, Host A, Host B, Host C, Agent Server, Launcher, Database, FM, FP]
FM – File Monitor Agent
FP – File Processor Agent
7
Design Alternatives
- Agent Carrying File signatures
- Agent Carrying File Names
Implementation Decision Factors
- Avoid carrying signatures
- Lightweight Agents
8
Important Features
- Usability and Flexibility
- Creation of multiple Agent pairs
- Monitoring with various frequencies
- Catering to different monitoring attributes
9
Monitoring Options
- Host Based Settings
  - Recursive monitoring of directories
  - Non-recursive monitoring of directories
  - Exclusion of files/directories
- File/Directory based settings
  - Specifying various attributes
10
Configuration File
host:newton.cs.umn.edu
/home/grad09/apathak/proj-a
!/usr/lib/link_audit/64
/usr/include -ab
=/dev -ai
11
Configuration Flags
-a: Ignore changes in last access time
-m: Ignore changes in last modification time
-c: Ignore changes in file creation time
-i: Ignore change in i-node information
-u: Ignore change in user id of file owner
-g: Ignore change in group id of file owner
-s: Ignore change in file size
-b: Ignore change in allocated disk blocks for file
-p: Ignore change in access permissions
-h: Ignore change in the file contents hash value
12
Launcher
- Extension of Agent Server
- Parsing the Configuration file and generating itinerary
- Creation and Launch of Agents
- User Interface thread
- Three Launching Modes
  - Initialization and Monitoring
  - Initialize only
  - Monitor Only
13
Database Design
- Signature Tables
  - File Attributes with hostnames
  - Directory-file name mapping tables
- Event Table
  - File Added Event
  - File Deleted Event
  - File Changed Event
- Report Generator tool
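The ignore flags and the three event types above map onto a baseline-and-compare routine such as the following. This is an added illustration in Python, not code from the presented system (which runs as mobile agents on Ajanta); the SHA-256 hash, the function names and the attribute names are assumptions.

```python
import hashlib
import os

# Flag letter -> attribute it suppresses, following the Configuration Flags slide.
# 'c' maps to st_ctime, which on Unix is the inode-change time.
FLAG_ATTRS = {"a": "atime", "m": "mtime", "c": "ctime", "i": "inode", "u": "uid",
              "g": "gid", "s": "size", "b": "blocks", "p": "mode", "h": "hash"}

def parse_flags(flags):
    """Turn a flag string such as '-ab' into the set of attributes to ignore."""
    letters = flags.lstrip("-")
    unknown = set(letters) - FLAG_ATTRS.keys()
    if unknown:
        raise ValueError(f"unknown flag(s): {sorted(unknown)}")
    return {FLAG_ATTRS[c] for c in letters}

def signature(path):
    """Collect the monitored attributes of one file (hash algorithm is assumed)."""
    st = os.lstat(path)
    with open(path, "rb") as f:
        digest = hashlib.sha256(f.read()).hexdigest()
    return {"atime": st.st_atime_ns, "mtime": st.st_mtime_ns, "ctime": st.st_ctime_ns,
            "inode": st.st_ino, "uid": st.st_uid, "gid": st.st_gid, "size": st.st_size,
            "blocks": getattr(st, "st_blocks", 0), "mode": st.st_mode, "hash": digest}

def snapshot(root, recursive=True):
    """Initialization phase: map each regular file under root to its signature."""
    sigs = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in filenames:
            p = os.path.join(dirpath, name)
            if os.path.isfile(p) and not os.path.islink(p):  # skip symlinks
                sigs[os.path.relpath(p, root)] = signature(p)
        if not recursive:
            dirnames.clear()  # non-recursive mode: do not descend
    return sigs

def compare(baseline, current, ignore=frozenset()):
    """Monitoring phase: return sorted (event, path, changed_attrs) tuples."""
    events = [("ADDED", p, ()) for p in current.keys() - baseline.keys()]
    events += [("DELETED", p, ()) for p in baseline.keys() - current.keys()]
    for p in baseline.keys() & current.keys():
        diff = tuple(sorted(k for k in FLAG_ATTRS.values()
                            if k not in ignore and baseline[p][k] != current[p][k]))
        if diff:
            events.append(("CHANGED", p, diff))
    return sorted(events)
```

With timestamps and block counts ignored, a file replaced by another of the same name and size is still reported as CHANGED, because only the content hash differs.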
14
Fault Tolerance
- Failure of Agent Server
  - Additional intelligence in Agents
- Failure of Agents
  - User configurable timeout mechanism
15
Results
- The System is deployed on 15 hosts
- Average statistics per host
  - Number of files: 8830
  - File size (in bytes): 20757
  - Bytes sent per file: 175
  - Agent residency time: Approx 8 minutes
- Type of files being monitored
  - System Binaries
  - System Libraries
  - System Header files
16
Results
The following scenarios were detected successfully:
- Changing contents of log files by removing or adding single and/or multiple lines
- Changing owner information of file
- Moving files to and from various directories
- Replacing binary file with another file with same name and size
17
Results
- Removing entire directory recursively with all files in it
- Changing file deep in directory hierarchy for recursive monitoring mode
- Changing access times of the files by opening those without modifications
18
Future work
- Sensing the load on hosts before launching Agents
- Customizing Report Generating tool
- Integration of Launcher and Report Generation UI
- Porting System to various platforms including Windows NT
19
Thank You