Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Dynamic measurement method for kernel-level process of LINUX

A dynamic measurement, kernel-level technology, applied in the field of computer science, to achieve the effect of avoiding dynamic measurement, robustness and practicality

Pending Publication Date: 2022-03-11
KYLIN CORP
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] However, the existing dynamic measurement methods only measure the executable file before execution, so that the attacker can modify the executable code at runtime without triggering a page fault exception

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic measurement method for kernel-level process of LINUX
  • Dynamic measurement method for kernel-level process of LINUX

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention more clear, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Apparently, the described embodiments are some, but not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0035] First, some technical terms mentioned in the present invention are explained:

[0036] ELF file: In computer science, a format file used for binaries, executables, object code, shared libraries, and core dumps. ELF files were developed and released by UNIX Systems Laboratory (USL) as the Application Binary Interface (ABI), and are the primary executable...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of computer science, in particular to a kernel-level process dynamic measurement method for LINUX, which comprises the following steps: importing a measurement file into a kernel mode of the LINUX, the measurement file comprising a preset executable ELF file; the method comprises the following steps: executing a program, obtaining a first preset code while obtaining a first code of an executable ELF file of the program, and generating an alarm log if the first code is inconsistent with the first preset code; when the program is operated and the correctness of the bprm file of the program is verified, comparing a second code read from the executable ELF file with a second preset code, and if the second code is inconsistent with the second preset code, generating an alarm log; and after the program finishes calling the schema () function, comparing a third code included in a process pointed by the current macro with a third preset code, and if the third code is inconsistent with the third preset code, generating an alarm log. The method aims at a LINUX operating system, and it is guaranteed that the executable ELF file is not tampered in the whole execution process.

Description

technical field [0001] The invention relates to the technical field of computer science, in particular to a dynamic measurement method of a LINUX kernel-level process. Background technique [0002] With the development of science and technology, technology is also advancing by leaps and bounds, and hacking techniques have also undergone major changes. Nowadays, many hackers no longer use the method of file replacement to attack, but look for loopholes and directly modify the memory data to achieve the purpose of invading the system, which puts forward higher requirements for host protection. [0003] In this regard, static measurement and dynamic measurement methods are generally used for protection. [0004] The method of static measurement refers to the method of verifying whether the measurement value is consistent with the measurement value at a certain point in time when the process is created, which cannot meet the new requirements of current host protection. When pe...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/52
CPCG06F21/52
Inventor 郭皓吴春光刘步权齐璇战茅
Owner KYLIN CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com