Security and Privacy in Communication Networks. 7th International ICST Conference, SecureComm 2011, London, UK, September 7-9, 2011, Revised Selected Papers

Research Article

Trading Elephants for Ants: Efficient Post-attack Reconstitution

  • @INPROCEEDINGS{10.1007/978-3-642-31909-9_27,
        author={Meixing Le and Zhaohui Wang and Quan Jia and Angelos Stavrou and Anup Ghosh and Sushil Jajodia},
        title={Trading Elephants for Ants: Efficient Post-attack Reconstitution},
        proceedings={Security and Privacy in Communication Networks. 7th International ICST Conference, SecureComm 2011, London, UK, September 7-9, 2011, Revised Selected Papers},
        proceedings_a={SECURECOMM},
        year={2012},
        month={10},
        keywords={Data Provenance Causal Dependency System Recovery},
        doi={10.1007/978-3-642-31909-9_27}
    }
    
  • Meixing Le
    Zhaohui Wang
    Quan Jia
    Angelos Stavrou
    Anup Ghosh
    Sushil Jajodia
    Year: 2012
    Trading Elephants for Ants: Efficient Post-attack Reconstitution
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-642-31909-9_27
Meixing Le1,*, Zhaohui Wang1,*, Quan Jia1,*, Angelos Stavrou1,*, Anup Ghosh1,*, Sushil Jajodia1,*
  • 1: George Mason University
*Contact email: mlep@gmu.edu, zwange@gmu.edu, qjia@gmu.edu, astavrou@gmu.edu, aghosh1@gmu.edu, jajodia@gmu.edu

Abstract

While security has become a first-class consideration in systems’ design and operation, most commercial and research efforts have focused on detection, prevention, and forensic analysis of attacks. Relatively little work has gone into efficient recovery of applications and data after a compromise. Administrators and end-users are faced with the arduous task of cleansing the affected machines. Restoring the system from a snapshot is disruptive and can lead to data loss.