A file integrity checking system to detect and recover from program modification attacks in multi-user computer systems
The purpose of this paper is to identify and contend with the threat of program modification attacks such as computer viruses. A system that detects the presence of a virus is presented. The system is also capable of taking its own automatic countermeasures. The security system is "a posteriori" because it detects viruses only after an infection has occurred. A method to immunize the security system from viral infection is also presented. The a posteriori security system is intended to complement the existing security access controls of a computer system. © 1990.
Computers and Security
McKosky, R., & Shiva, S. (1990). A file integrity checking system to detect and recover from program modification attacks in multi-user computer systems. Computers and Security, 9 (5), 431-446. https://doi.org/10.1016/0167-4048(90)90074-4