| Kylin系统的内核级Rootkit防护 |
| |
| 引用本文: | 陈斌斌,吴庆波,魏立峰.Kylin系统的内核级Rootkit防护[J].计算机工程,2008,34(22):156-158. |
| |
| 作者姓名: | 陈斌斌 吴庆波 魏立峰 |
| |
| 作者单位: | 国防科学技术大学计算机学院,长沙,410073 |
| |
| 基金项目: | 国家“863”计划基金资助项目“基于虚拟机技术的商业高端刀片服务器系统”(2006AA01Z188) |
| |
| 摘 要: | 内核级rootkit是破坏内核完整性的最大威胁,它主要通过可加载模块方式和文件补丁方式破坏内核完整性。该文提出一种针对内核级rootkit威胁的防护模型,从一个可信根开始,开机引导验证完整性到系统运行时认证可加载模块,整个过程以信任链的形式传递,一级级度量,保证整个过程的可信赖性。讨论了该模型对系统性能的影响。
|
| 关 键 词: | 可信传递 可信度量 完整性 可加载模块 |
| 修稿时间: | |
Kernel Level Rootkit Defense Under Kylin |
| |
| CHEN Bin-bin,WU Qing-bo,WEI Li-feng.Kernel Level Rootkit Defense Under Kylin[J].Computer Engineering,2008,34(22):156-158. |
| |
| Authors: | CHEN Bin-bin WU Qing-bo WEI Li-feng |
| |
| Affiliation: | (School of Computer Science, National University of Defense Technology, Changsha 410073) |
| |
| Abstract: | Kernel level rootkit is the main threat that breaks kernel integrity,which breaks into kernel often through loading a loadable kernel module or patching files that will be loaded into kernel memory.Confronted of such a threat,this paper presents a defense model.From integrity validation in bootstrap to loadable kernel module verification when system is running,the whole process starts from a trusted root,transfers by a trust chain,and one stair attests next stair to guarantee the whole process trustful.The ... |
| |
| Keywords: | transferring of trust measurement of trust integrity loadable module |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
