| 一种轻量级的Android内核保护监控器 |
| |
| 引用本文: | 杨永,钱振江,黄皓.一种轻量级的Android内核保护监控器[J].计算机工程,2014(4):48-52,56. |
| |
| 作者姓名: | 杨永 钱振江 黄皓 |
| |
| 作者单位: | [1]南京大学计算机软件新技术国家重点实验室,南京210046 [2]计算机科学与技术系,南京210046 |
| |
| 基金项目: | 基金项目:国家“863”计划基金资助项目(2011AA01A202);江苏省“六大人才高峰”高层次人才基金资助项目(2011一DZXX一035);江苏省高校自然科学研究基金资助项目(12KJB520001). |
| |
| 摘 要: | 为阻止针对Android系统内核的攻击,保护Android系统内核不被破坏,设计一种基于ARM平台轻量级的hypervisor监控器架构。该架构利用ARM硬件虚拟化扩展技术,对不信任模块进行隔离,阻止模块中恶意代码对内核的破坏,保护关键对象不被篡改,并基于hypervisor、利用交叉视图检测rootkit。实验结果表明,该架构能及时阻止对被监控对象的修改,快速检测出rootkit威胁,减少系统被攻击后带来的损失。
|
| 关 键 词: | 移动操作系统 内核 安全 虚拟化 rootkit检测 |
A Lightweight Monitor for Android Kernel Protection |
| |
| YANG Yong,QIAN Zhen-jiang,HUANG Hao.A Lightweight Monitor for Android Kernel Protection[J].Computer Engineering,2014(4):48-52,56. |
| |
| Authors: | YANG Yong QIAN Zhen-jiang HUANG Hao |
| |
| Affiliation: | (a. State Key Laboratory for Novel Software Technology b. Department of Computer Science and Technology, Nanjing University, Nanjing 210046, China) |
| |
| Abstract: | In order to prevent the kemel attack within Android system and protect the kernel of Android system, this paper designs a lightweight hypervisor monitoring architecture based on ARM platform. By applying ARM virtualization technology and isolating un-trusted module, this architecture prevents malicious code damage to kernel and the falsification of key objects within the kernel. Moreover, it can detect rootkit with cross view. Experimental results show that this architecture can promptly stop the falsification of monitoring object and quickly detect rootkit and thus reduce the loss of attack on system. |
| |
| Keywords: | mobile operating system kernel security virtualization rootkit detection |
| 本文献已被 维普 等数据库收录! |
