Supercharge Your Innovation With Domain-Expert AI Agents!

ELF file identification method and device based on code signature

A file and code technology, applied in the field of network security, can solve problems such as low performance, system security threats, vulnerabilities, etc., to achieve the effect of ensuring operation, preventing damage, and ensuring security

Inactive Publication Date: 2015-01-14
全联斯泰克科技有限公司
View PDF6 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For the code authentication mechanism under Linux, although some people have studied it, there are still the following problems: one is the method of signature verification during installation, and the executable attribute of the control file is controlled by modifying the chmod system call. The method cannot detect any modification of the code after the program is installed, and has certain limitations; the second is to use the PKI public key system. Since PKI is based on a third party, it cannot guarantee the real-time validity of the certificate, and the CA root certificate is easy to be replaced. There are also obvious loopholes; the third is that the signature verification is to load the entire file into the memory first, calculate its digital digest and then verify the authenticity and integrity of the file.
[0004] Aiming at the problem that the security of the system is threatened due to flaws in the scheme for identifying files in related technologies, no effective solution has been proposed so far

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • ELF file identification method and device based on code signature
  • ELF file identification method and device based on code signature
  • ELF file identification method and device based on code signature

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments of the present invention belong to the protection scope of the present invention.

[0025] According to an embodiment of the present invention, a method for identifying an ELF file based on a code signature is provided.

[0026] Such as figure 1 As shown, the ELF file authentication method based on the code signature according to the embodiment of the present invention comprises:

[0027] Step S101, when the user or the system applies for executing the ELF file, the operating system kernel scheduler first identifies the identity of the ELF file (this step can be completed b...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an ELF file identification method based on a code signature. According to ELF file identification, an issuer provides evidence, and a caller (an operating system) verifies the evidence. The evidence of the issuer is the file signature of the issuer, and the signature is made in two steps that firstly, the issuers signs for the file identification, and secondly, the issuer signs for file features. The caller carries out verification in two steps that firstly, the caller extracts the signature of the file identification to verify the file identification and judges whether a file is loaded or not, and secondly, the caller extracts the signature of the file features to verify the file features and judges whether the file is executed or not, wherein the first step is named as admissibility verification, and the second step is named as acceptance verification. By means of the ELF file identification method, identification authentication and feature authentication of the ELF file are achieved, damage caused by illegal invasion and malicious software can be effectively prevented, the operational safety of a computer is ensured, and the optimal balance between the efficiency and safety of the operating system is achieved.

Description

technical field [0001] The invention relates to the field of network security, in particular to a method and device for identifying ELF files based on code signatures. Background technique [0002] With the continuous development of Linux, more and more individuals and enterprises begin to use Linux, especially many enterprise servers begin to adopt the Linux operating system, and its security is also subject to more and more challenges. Executable and Linkable Format (ELF for short), as the most important executable binary file format under Linux and Unix, has naturally become the attack target of viruses and various malicious codes. Facts have proved that many virus programs under Linux achieve intrusion by directly modifying the ELF file. The traditional Unix system (including Linux) does not check the integrity and legality of the executed code, thus allowing many virus programs and Trojan horse programs to take advantage of it. [0003] In order to ensure the security...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06F21/64
CPCG06F21/64
Inventor 李维刚南相浩
Owner 全联斯泰克科技有限公司
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com