|
|
中国科学院研究生院学报 2008
A model of efficient intrusion recovery solution based on log-structured file system
|
Abstract:
Data content stored in computer systems are more crucial than ever before. Compromised computer systems always suffer from data contaminations in both system and user files, therefore intrusion recovery methods are indispensable today. Existing intrusion recovery methods have shortcomings in certain aspects because, in our observation, the file systems on which these methods work are not inherently apt to realize recovery. In contrast, Log-Structured File System (LFS) is ideal to perform various intrusion recovery algorithms. We explain our claims theoretically, propose data recovery algorithm, validate it in SimuLFS, the LFS simulator we built, and test it in real LFS environment in FreeBSD. Experiment results indicate that even very simple recovery algorithm can achieve fast file recovery from almost any state of the disk, with little throughput degradation, guarantee accuracy, require no extra storage requirements and minimal changes to any original LFS code.
