Trusted computing based white list static measurement method

A measurement method and trusted computing technology, applied in computing, computer security devices, instruments, etc., can solve problems such as not updating the virus database in time, time-consuming matching check abnormalities, blacklist expansion, etc., to avoid finding malicious programs and codes , ensure safe and stable operation, and prevent malicious code and other attacks

Inactive Publication Date: 2015-09-23
STATE GRID CORP OF CHINA +3
View PDF5 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The scope of the blacklist is certain. When a new type of threat program is not in the blacklist and the virus database is not updated in time, it will easily lead to attacks. We call it "Zero-day" attack. It is a major disadvantage of the b

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Trusted computing based white list static measurement method
  • Trusted computing based white list static measurement method
  • Trusted computing based white list static measurement method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The specific embodiments of the present invention will be further described in detail below with reference to the accompanying drawings.

[0043] like figure 1 As shown, a whitelist static measurement method based on trusted computing, the method includes:

[0044] combine Figure 2-3 As shown, (1) determine the measurement object; in the step (1), the measurement object includes an executable program, a dynamic library and a kernel module.

[0045] (2) Obtain the hash check value of the measurement object; as Figure 5 As shown, the step (2) includes: obtaining the parameter value of the executable program, sending it to the static measurement agent, and calculating the hash check value of the executable program.

[0046] When calling the subroutine created by the fork system and executing the execve system to load a new executable program, call do_execve (), the parameter value of the executable program is sent to the kernel and encapsulated in the struct linux_bi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention relates to a trusted computing based white list static measurement method. The method comprises: determining a measurement object; acquiring a Hash checksum of the measurement object; comparing the Hash checksum of the measurement object with a predetermined checksum; judging trustability of the measurement object according to the comparison result; generating a while list library, wherein the while list library comprises a local white list library, a network white list library and a temporary white list library; and installing a terminal software. In this way, integrity of execution rights, source and trustability of the software is ensured.

Description

technical field [0001] The invention relates to a measurement method, in particular to a whitelist static measurement method based on trusted computing. Background technique [0002] In the Linux system, the program is stored on the disk in the form of an executable file. The executable file includes both the target code of the executed function and the data used by these functions. Many functions in the program are service routines available to all programs, and their object code is contained in special files called "libraries". The code of a library function can be copied into the executable file statically, or it can be linked into the process at runtime. [0003] like Figure 4 As shown in , the execution process of the Linux system execution program: Suppose a user wants to display files in the current directory, and the result can be obtained by simply typing the external command / bin / ls at the shell prompt. The command shell creates a new process, and the new proces...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/51G06F21/56
Inventor 杨博龙郭子明赵保华张昊王志皓王东升戚岳邢金阎博宋磊
Owner STATE GRID CORP OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap