Tracing the diffusion of classified information triggered by file open system call

Yoshinari Nomura; Satoshi Hakomori; Kazutoshi Yokoyama; Hideo Taniguchi

Tracing the diffusion of classified information triggered by file open system call

Yoshinari Nomura, Satoshi Hakomori, Kazutoshi Yokoyama, Hideo Taniguchi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Recently, leakage of classified information such as personal information has become serious problem. To prevent the leakage, it is important to know how the information diffuses in a computer system. In this paper, we propose a method for tracing the diffusion of the classified information. We assumed that the classified information exists in a set of files on a file system. These files will be diffused by processes (programs). Once a process touched any classified file, it becomes a suspicious carrier process. The carrier process will make other classified files. Therefore, to keep track of the diffusion, we have to watch all processes to see if they touch any classified files. That is, we have to insert some probes into an operating system to watch file manipulation system-calls of processes such as OPEN and CLOSE. We describe the algorithm of the method and an implementation of the method on the Linux kernel. We also show that the performance of our implementation is efficient.

Original language	English
Title of host publication	CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.
Publisher	International Institute of Informatics and Systemics, IIIS
Pages	312-317
Number of pages	6
ISBN (Print)	9806560841, 9789806560840
Publication status	Published - Jan 1 2006
Event	3rd International Conference on Cybernetics and Information Technologies, Systems and Applications, CITSA 2006, Jointly with the 4th International Conference on Computing, Communications and Control Technologies, CCCT 2006 - Orlando, FL, United States Duration: Jul 20 2006 → Jul 23 2006

Publication series

Name	CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.
Volume	2

Other

Other	3rd International Conference on Cybernetics and Information Technologies, Systems and Applications, CITSA 2006, Jointly with the 4th International Conference on Computing, Communications and Control Technologies, CCCT 2006
Country/Territory	United States
City	Orlando, FL
Period	7/20/06 → 7/23/06

Keywords

Diffusion of classified information
Operating system
Security
System software

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems

Cite this

Nomura, Y., Hakomori, S., Yokoyama, K., & Taniguchi, H. (2006). Tracing the diffusion of classified information triggered by file open system call. In CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc. (pp. 312-317). (CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.; Vol. 2). International Institute of Informatics and Systemics, IIIS.

Tracing the diffusion of classified information triggered by file open system call. / Nomura, Yoshinari; Hakomori, Satoshi; Yokoyama, Kazutoshi et al.
CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.. International Institute of Informatics and Systemics, IIIS, 2006. p. 312-317 (CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.; Vol. 2).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Nomura, Y, Hakomori, S, Yokoyama, K & Taniguchi, H 2006, Tracing the diffusion of classified information triggered by file open system call. in CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.. CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc., vol. 2, International Institute of Informatics and Systemics, IIIS, pp. 312-317, 3rd International Conference on Cybernetics and Information Technologies, Systems and Applications, CITSA 2006, Jointly with the 4th International Conference on Computing, Communications and Control Technologies, CCCT 2006, Orlando, FL, United States, 7/20/06.

Nomura Y, Hakomori S, Yokoyama K, Taniguchi H. Tracing the diffusion of classified information triggered by file open system call. In CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.. International Institute of Informatics and Systemics, IIIS. 2006. p. 312-317. (CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.).

Nomura, Yoshinari ; Hakomori, Satoshi ; Yokoyama, Kazutoshi et al. / Tracing the diffusion of classified information triggered by file open system call. CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.. International Institute of Informatics and Systemics, IIIS, 2006. pp. 312-317 (CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.).

@inproceedings{5a7706930cff40d1ad5ec49cf18a4024,

title = "Tracing the diffusion of classified information triggered by file open system call",

abstract = "Recently, leakage of classified information such as personal information has become serious problem. To prevent the leakage, it is important to know how the information diffuses in a computer system. In this paper, we propose a method for tracing the diffusion of the classified information. We assumed that the classified information exists in a set of files on a file system. These files will be diffused by processes (programs). Once a process touched any classified file, it becomes a suspicious carrier process. The carrier process will make other classified files. Therefore, to keep track of the diffusion, we have to watch all processes to see if they touch any classified files. That is, we have to insert some probes into an operating system to watch file manipulation system-calls of processes such as OPEN and CLOSE. We describe the algorithm of the method and an implementation of the method on the Linux kernel. We also show that the performance of our implementation is efficient.",

keywords = "Diffusion of classified information, Operating system, Security, System software",

author = "Yoshinari Nomura and Satoshi Hakomori and Kazutoshi Yokoyama and Hideo Taniguchi",

year = "2006",

month = jan,

day = "1",

language = "English",

isbn = "9806560841",

series = "CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.",

publisher = "International Institute of Informatics and Systemics, IIIS",

pages = "312--317",

booktitle = "CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.",

note = "3rd International Conference on Cybernetics and Information Technologies, Systems and Applications, CITSA 2006, Jointly with the 4th International Conference on Computing, Communications and Control Technologies, CCCT 2006 ; Conference date: 20-07-2006 Through 23-07-2006",

}

TY - GEN

T1 - Tracing the diffusion of classified information triggered by file open system call

AU - Nomura, Yoshinari

AU - Hakomori, Satoshi

AU - Yokoyama, Kazutoshi

AU - Taniguchi, Hideo

PY - 2006/1/1

Y1 - 2006/1/1

N2 - Recently, leakage of classified information such as personal information has become serious problem. To prevent the leakage, it is important to know how the information diffuses in a computer system. In this paper, we propose a method for tracing the diffusion of the classified information. We assumed that the classified information exists in a set of files on a file system. These files will be diffused by processes (programs). Once a process touched any classified file, it becomes a suspicious carrier process. The carrier process will make other classified files. Therefore, to keep track of the diffusion, we have to watch all processes to see if they touch any classified files. That is, we have to insert some probes into an operating system to watch file manipulation system-calls of processes such as OPEN and CLOSE. We describe the algorithm of the method and an implementation of the method on the Linux kernel. We also show that the performance of our implementation is efficient.

AB - Recently, leakage of classified information such as personal information has become serious problem. To prevent the leakage, it is important to know how the information diffuses in a computer system. In this paper, we propose a method for tracing the diffusion of the classified information. We assumed that the classified information exists in a set of files on a file system. These files will be diffused by processes (programs). Once a process touched any classified file, it becomes a suspicious carrier process. The carrier process will make other classified files. Therefore, to keep track of the diffusion, we have to watch all processes to see if they touch any classified files. That is, we have to insert some probes into an operating system to watch file manipulation system-calls of processes such as OPEN and CLOSE. We describe the algorithm of the method and an implementation of the method on the Linux kernel. We also show that the performance of our implementation is efficient.

KW - Diffusion of classified information

KW - Operating system

KW - Security

KW - System software

UR - http://www.scopus.com/inward/record.url?scp=84898444805&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84898444805&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84898444805

SN - 9806560841

SN - 9789806560840

T3 - CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.

SP - 312

EP - 317

BT - CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.

PB - International Institute of Informatics and Systemics, IIIS

T2 - 3rd International Conference on Cybernetics and Information Technologies, Systems and Applications, CITSA 2006, Jointly with the 4th International Conference on Computing, Communications and Control Technologies, CCCT 2006

Y2 - 20 July 2006 through 23 July 2006

ER -

Tracing the diffusion of classified information triggered by file open system call

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this