The Forensix Project
Forensix is supported by the National Science Foundation (NSF) under
Grant ANI-0230960. Any opinions,
findings, conclusions or recommendations expressed in this
material are those of the author and do not necessarily
reflect the views of the National Science Foundation.
The goal of the Forensix ("4N6") Project is to allow a system to be monitored
so that, in the event of a security compromise, it is easy to track the compromise
back to its source. To facilitate this, the system requires two machines: a potentially
insecure "front-line" machine, and a known secure back-end. Information about system
calls is stored in a MySQL database on the back-end. 4N6 is built on top of
SNARE.
The Forensix source code is now available at SourceForge.
System architecture

Publications
Ashvin Goel, Wu-chang Feng, Wu-chi Feng, David Maier
"Automatic High-Performance Reconstruction and Recovery",
Computer Networks,
vol. 51, no. 5, pp. 1361-1377, April 2007. pdf
Ashvin Goel, Mike Shea, Sourabh Ahuja, Wu-chang Feng, Wu-chi Feng,
David Maier, Jonathan Walpole, "Forensix: A Robust, High-Performance Reconstruction System", in 19th Symposium on Operating Systems Principles (SOSP) (poster session),
October 2003. Abstract: pdf Poster: pdf | sxi
Ashvin Goel, Wu-chang Feng, David Maier, Wu-chi Feng, Jonathan Walpole, "Forensix: A Robust, High-Performance Reconstruction System", in International Conference on Distributed Computing Systems Security Workshop (SDCS-2005),
June 2005. Paper: pdf | Full version: pdf
Links
Old stuff
Wu-chang Feng