
A detection method, defense method and system for linux kernel data attack

A kernel data attack detection method, applied in the field of electrical digital data processing, instruments, calculations, etc. It addresses the problems that existing approaches do not take kernel data into account and cannot deal with kernel data attacks, and achieves accurate detection of kernel data attacks, rapid addition, deletion and modification, and low cost.

Active Publication Date: 2020-07-03
HUAZHONG UNIV OF SCI & TECH

AI Technical Summary

Problems solved by technology

[0012] In view of the above defects or improvement needs of the prior art, the present invention provides a detection method and system for Linux kernel data attacks. Its purpose is to solve the technical problem that existing kernel attack defense methods do not take kernel data into account and cannot cope with kernel data attacks.

Examples


Embodiment Construction

[0046] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not conflict with each other.

[0047] The overall idea of the present invention is to collect key safety data of the kernel, and obtain a data flow graph of the key safety data of the kernel through static analysis. Use TSX technology to monitor the safety-critical data of the Linux kernel, capture each operation on them, analyze the data flow, compare its data flow direction with the previously analyzed data graph, and judg...


Abstract

The invention discloses a detection method, a defense method and a system for Linux kernel data attacks. The method comprises the following steps: security-critical data is extracted from the Linux kernel data according to the relevance of that data to security; static analysis is carried out on the Linux kernel data to obtain the data flow of the Linux kernel data; the relations between the security-critical data are extracted from the data flow of the Linux kernel data to obtain a data flow of the security-critical data; the critical data is monitored while the Linux kernel is running and compared with the data flow of the security-critical data. If the critical data deviates from the data flow of the security-critical data while the Linux kernel is running, the output is that the Linux kernel data is attacked; otherwise, the output is that the Linux kernel data is not attacked. Compared with existing kernel data attack detection schemes, the indirect branch characteristic of program data flow is fully considered, and the false alarm rate of detection results is effectively reduced.
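The steps in the abstract, sketched as an added example that is not part of the patent or the applicant's code: a full data-flow graph is reduced to the flows between security-critical data, and observed flows are then checked against that reduced graph. All data names, the sample graph and the events are constructed, and runtime observations are assumed to arrive as (source, destination) pairs rather than from the TSX-based monitoring the description mentions.

```python
from collections import defaultdict

# Constructed sample of a static-analysis result: (src, dst) means the value
# of src flows into dst. All data names are hypothetical, not real symbols.
FULL_FLOW = [
    ("new_cred", "tmp_a"), ("tmp_a", "cred.uid"),
    ("cred.uid", "tmp_b"), ("tmp_b", "perm_decision"),
    ("policy_db", "perm_decision"), ("net_buf", "skb_len"),
]
# Constructed sample: the subset judged security-critical.
CRITICAL = {"new_cred", "cred.uid", "policy_db", "perm_decision"}

# Constructed runtime observations (assumed monitor output): src written to dst.
EVENTS = [
    ("new_cred", "cred.uid"), ("net_buf", "cred.uid"),
    ("policy_db", "perm_decision"), ("net_buf", "skb_len"),
    ("new_cred", "perm_decision"),
]


def project(edges, critical):
    """Keep A -> B between critical data when B is reachable from A through
    non-critical intermediates only (the critical-data flow graph)."""
    succ = defaultdict(set)
    for src, dst in edges:
        succ[src].add(dst)
    allowed = set()
    for start in critical:
        stack, seen = list(succ[start]), set()
        while stack:
            node = stack.pop()
            if node in seen:
                continue
            seen.add(node)
            if node in critical:
                allowed.add((start, node))  # do not walk past critical data
            else:
                stack.extend(succ[node])
    return allowed


def detect(events, allowed, critical):
    """Return observed flows into critical data that the graph does not allow."""
    return [(s, d) for s, d in events if d in critical and (s, d) not in allowed]


if __name__ == "__main__":
    for flow in detect(EVENTS, project(FULL_FLOW, CRITICAL), CRITICAL):
        print("deviation:", flow)
```

The last constructed event is flagged even though `new_cred` does reach `perm_decision` in the full graph, because that path passes through another critical item and skipping it is itself a deviation.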

Description

Technical field

[0001] The invention belongs to the field of kernel attack detection and defense, and more specifically relates to a detection and defense method and system for Linux kernel data attacks.

Background technique

[0002] The kernel is the most basic part of the operating system, and for a secure and stable system, protecting the kernel from interference from other running programs is paramount. Kernels are becoming a target for attackers today for several reasons:

[0003] First, due to the implementation of various user-mode protection mechanisms such as ASLR, Sandbox, CFI, CPI, DEP, etc., attacks against user-mode programs are becoming more and more difficult;

[0004] Second, the attack surface of the kernel is large. This is due to the large number of kernel code lines (16.9 MLOC, Linux ver 4.5.4), many system calls (397), and the new version of the kernel will also bring new vulnerabilities and attack opportunities;

[0005] Third, the income obtained by at...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/55
CPC: G06F21/552
Inventor: 金海, 羌卫中, 杨嘉玮
Owner: HUAZHONG UNIV OF SCI & TECH