Tracing the diffusion of classified information triggered by file open system call

Yoshinari Nomura, Satoshi Hakomori, Kazutoshi Yokoyama, Hideo Taniguchi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Recently, leakage of classified information such as personal information has become serious problem. To prevent the leakage, it is important to know how the information diffuses in a computer system. In this paper, we propose a method for tracing the diffusion of the classified information. We assumed that the classified information exists in a set of files on a file system. These files will be diffused by processes (programs). Once a process touched any classified file, it becomes a suspicious carrier process. The carrier process will make other classified files. Therefore, to keep track of the diffusion, we have to watch all processes to see if they touch any classified files. That is, we have to insert some probes into an operating system to watch file manipulation system-calls of processes such as OPEN and CLOSE. We describe the algorithm of the method and an implementation of the method on the Linux kernel. We also show that the performance of our implementation is efficient.

Original languageEnglish
Title of host publicationCITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.
PublisherInternational Institute of Informatics and Systemics, IIIS
Pages312-317
Number of pages6
Volume2
ISBN (Print)9806560841, 9789806560840
Publication statusPublished - 2006
Event3rd International Conference on Cybernetics and Information Technologies, Systems and Applications, CITSA 2006, Jointly with the 4th International Conference on Computing, Communications and Control Technologies, CCCT 2006 - Orlando, FL, United States
Duration: Jul 20 2006Jul 23 2006

Other

Other3rd International Conference on Cybernetics and Information Technologies, Systems and Applications, CITSA 2006, Jointly with the 4th International Conference on Computing, Communications and Control Technologies, CCCT 2006
CountryUnited States
CityOrlando, FL
Period7/20/067/23/06

Fingerprint

Open systems
Computer systems
Linux

Keywords

  • Diffusion of classified information
  • Operating system
  • Security
  • System software

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems

Cite this

Nomura, Y., Hakomori, S., Yokoyama, K., & Taniguchi, H. (2006). Tracing the diffusion of classified information triggered by file open system call. In CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc. (Vol. 2, pp. 312-317). International Institute of Informatics and Systemics, IIIS.

Tracing the diffusion of classified information triggered by file open system call. / Nomura, Yoshinari; Hakomori, Satoshi; Yokoyama, Kazutoshi; Taniguchi, Hideo.

CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.. Vol. 2 International Institute of Informatics and Systemics, IIIS, 2006. p. 312-317.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Nomura, Y, Hakomori, S, Yokoyama, K & Taniguchi, H 2006, Tracing the diffusion of classified information triggered by file open system call. in CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.. vol. 2, International Institute of Informatics and Systemics, IIIS, pp. 312-317, 3rd International Conference on Cybernetics and Information Technologies, Systems and Applications, CITSA 2006, Jointly with the 4th International Conference on Computing, Communications and Control Technologies, CCCT 2006, Orlando, FL, United States, 7/20/06.
Nomura Y, Hakomori S, Yokoyama K, Taniguchi H. Tracing the diffusion of classified information triggered by file open system call. In CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.. Vol. 2. International Institute of Informatics and Systemics, IIIS. 2006. p. 312-317
Nomura, Yoshinari ; Hakomori, Satoshi ; Yokoyama, Kazutoshi ; Taniguchi, Hideo. / Tracing the diffusion of classified information triggered by file open system call. CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.. Vol. 2 International Institute of Informatics and Systemics, IIIS, 2006. pp. 312-317
@inproceedings{5a7706930cff40d1ad5ec49cf18a4024,
title = "Tracing the diffusion of classified information triggered by file open system call",
abstract = "Recently, leakage of classified information such as personal information has become serious problem. To prevent the leakage, it is important to know how the information diffuses in a computer system. In this paper, we propose a method for tracing the diffusion of the classified information. We assumed that the classified information exists in a set of files on a file system. These files will be diffused by processes (programs). Once a process touched any classified file, it becomes a suspicious carrier process. The carrier process will make other classified files. Therefore, to keep track of the diffusion, we have to watch all processes to see if they touch any classified files. That is, we have to insert some probes into an operating system to watch file manipulation system-calls of processes such as OPEN and CLOSE. We describe the algorithm of the method and an implementation of the method on the Linux kernel. We also show that the performance of our implementation is efficient.",
keywords = "Diffusion of classified information, Operating system, Security, System software",
author = "Yoshinari Nomura and Satoshi Hakomori and Kazutoshi Yokoyama and Hideo Taniguchi",
year = "2006",
language = "English",
isbn = "9806560841",
volume = "2",
pages = "312--317",
booktitle = "CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.",
publisher = "International Institute of Informatics and Systemics, IIIS",

}

TY - GEN

T1 - Tracing the diffusion of classified information triggered by file open system call

AU - Nomura, Yoshinari

AU - Hakomori, Satoshi

AU - Yokoyama, Kazutoshi

AU - Taniguchi, Hideo

PY - 2006

Y1 - 2006

N2 - Recently, leakage of classified information such as personal information has become serious problem. To prevent the leakage, it is important to know how the information diffuses in a computer system. In this paper, we propose a method for tracing the diffusion of the classified information. We assumed that the classified information exists in a set of files on a file system. These files will be diffused by processes (programs). Once a process touched any classified file, it becomes a suspicious carrier process. The carrier process will make other classified files. Therefore, to keep track of the diffusion, we have to watch all processes to see if they touch any classified files. That is, we have to insert some probes into an operating system to watch file manipulation system-calls of processes such as OPEN and CLOSE. We describe the algorithm of the method and an implementation of the method on the Linux kernel. We also show that the performance of our implementation is efficient.

AB - Recently, leakage of classified information such as personal information has become serious problem. To prevent the leakage, it is important to know how the information diffuses in a computer system. In this paper, we propose a method for tracing the diffusion of the classified information. We assumed that the classified information exists in a set of files on a file system. These files will be diffused by processes (programs). Once a process touched any classified file, it becomes a suspicious carrier process. The carrier process will make other classified files. Therefore, to keep track of the diffusion, we have to watch all processes to see if they touch any classified files. That is, we have to insert some probes into an operating system to watch file manipulation system-calls of processes such as OPEN and CLOSE. We describe the algorithm of the method and an implementation of the method on the Linux kernel. We also show that the performance of our implementation is efficient.

KW - Diffusion of classified information

KW - Operating system

KW - Security

KW - System software

UR - http://www.scopus.com/inward/record.url?scp=84898444805&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84898444805&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84898444805

SN - 9806560841

SN - 9789806560840

VL - 2

SP - 312

EP - 317

BT - CITSA 2006 - 3rd Int. Conf. on Cybernetics and Information Technol., Systems and Applications, Jointly with the 4th Int. Conf. on Computing, Communications and Control Technologies, CCCT 2006 - Proc.

PB - International Institute of Informatics and Systemics, IIIS

ER -