Security verification method during kernel operation of operation system

An operating system security verification technology, applied to the safe operation of the operating system kernel and to the detection, prevention and removal of computer operating system kernel viruses. It addresses problems such as security software being counterfeited and files infected by viruses being impossible to see.

Inactive Publication Date: 2013-12-25
肖楠

AI Technical Summary

Problems solved by technology

For example, files infected by viruses that actually exist cannot be seen, etc.
[0008] 2. Killing or faking security software processes


Embodiment Construction

[0042] The invention's original method for checking the legitimacy of kernel modules at runtime determines whether illegal instructions are running in the kernel solely by checking that the instructions actually running in the kernel are identical to the executable files of kernel modules already confirmed as legitimate. This ensures a high level of kernel security and achieves thorough detection and complete prevention of kernel virus intrusion.

[0043] A security verification method for operating system kernel runtime, comprising the following steps:

[0044] Step 1: Confirm the legitimacy of all kernel module files of the target OS:

[0045] Statically confirm the legality of all kernel module files of the target operating system, and save the integrity verification information of all legal kernel modules in the target operating system;

[0046] Step 2: Verify the legitimacy of the loaded modules in the kernel:

[0047]By enumerating the kernel modul...
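Steps 1 and 2 as an added sketch (not code from the patent): a baseline of integrity information is built from module files already confirmed legitimate, then each enumerated loaded module is compared against it. It assumes module code can be compared byte for byte, which real in-memory images do not allow without accounting for relocations; the function names, module names and byte strings are hypothetical and constructed for illustration.

```python
import hashlib

def sha256(code):
    return hashlib.sha256(code).hexdigest()

def build_baseline(trusted_files):
    """Step 1: save integrity information (name -> SHA-256) for every
    module file that has already been confirmed legitimate."""
    return {name: sha256(code) for name, code in trusted_files.items()}

def verify_loaded(baseline, loaded):
    """Step 2: compare each enumerated loaded module with the baseline.
    The verdict depends on the code, not on the name the module reports."""
    name_by_hash = {h: n for n, h in baseline.items()}
    report = {}
    for name, code in loaded.items():
        h = sha256(code)
        if baseline.get(name) == h:
            report[name] = "ok"
        elif name in baseline:
            report[name] = "modified"   # legitimate name, different code
        elif h in name_by_hash:
            report[name] = "renamed:" + name_by_hash[h]
        else:
            report[name] = "unknown"    # matches no legitimate module file
    return report

# Constructed sample data: short byte strings stand in for module code.
TRUSTED_FILES = {
    "mod_disk": b"\x55\x48\x89\xe5\x90\xc3",
    "mod_net": b"\x55\x48\x89\xe5\x31\xc0\xc3",
}
LOADED = {
    "mod_disk": b"\x55\x48\x89\xe5\x90\xc3",      # identical to its file
    "mod_net": b"\x55\x48\x89\xe5\xeb\x10\xc3",   # code patched after load
    "mod_copy": b"\x55\x48\x89\xe5\x90\xc3",      # mod_disk code, new name
    "mod_x": b"\xcc\xcc\xc3",                     # never confirmed legitimate
}

def demo():
    return verify_loaded(build_baseline(TRUSTED_FILES), LOADED)

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```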


Abstract

The invention provides a security verification method for operating system kernel runtime. The method comprises the following steps: the legitimacy of all kernel module files of a target operating system is confirmed; the legitimacy of the modules loaded in the kernel is verified; legitimacy verification is performed on any new kernel module whenever one is loaded; all entry points in the processor for switching from user level to privileged level are set again; each instruction to be translated by binary translation is checked; and so on. The method can be used in computer security software to examine a running computer operating system at a fundamental level and detect kernel viruses present in it. In addition, it can protect an existing operating system by discovering kernel viruses that attempt to invade the computer, and it can conditionally remove viruses. The method is a measure for thoroughly solving the rootkit problem.

Description

Technical field

[0001] The invention relates to the field of computer security, in particular to technologies for detecting, preventing and removing computer operating system kernel viruses and for ensuring the safe operation of the operating system kernel.

Background technique

[0002] Existing computer information security covers many aspects. The detection and prevention of malicious programs such as viruses and Trojan horses is an important part of computer security. Among these programs, viruses that run at the kernel level of the computer operating system and use the technology called rootkit have the highest technical content among computer viruses and are the most difficult to detect, prevent and remove.

[0003] A kernel virus is a virus that runs at the kernel layer of a computer operating system. The technology that makes viruses run at the kernel layer of the computer operating system is called rootkit technology.

[0004] In gene...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/57, G06F21/51, G06F21/56
Inventor: 肖楠
Owner: 肖楠