| 基于Xen虚拟技术的内核完整性保护方法 |
| |
| 引用本文: | 张永林,刘心松,谢文统.基于Xen虚拟技术的内核完整性保护方法[J].成都信息工程学院学报,2009,24(5):440-443. |
| |
| 作者姓名: | 张永林 刘心松 谢文统 |
| |
| 作者单位: | 电子科技大学8010研究室,四川,成都,610054 |
| |
| 摘 要: | 运用Xen虚拟技术,提出了新的内核完整性的保护方法。新方法在Xen内核中增加引用监控模块,同时对内核整体做校验,并保存该校验值。当内核启动时,会对内核重新做校验值,看该值是否与存储的校验值匹配;当内核运行时,对某些资源的修改必须经过引用监控模块的验证。两者相结合,从而达到阻止恶意代码修改内核的目的。与传统的防御恶意代码的方法相比,传统方法只能检测出内核完整性已被破坏,不能阻止恶意代码对内核的修改。
|
| 关 键 词: | 虚拟机监控器Xen 监控模块 内核完整性 可加载内核模块 |
A new approach of kernel integrity protection based on Xen |
| |
| ZHANG Yong-lin,LIU Xin-song,XIE Wen-tong.A new approach of kernel integrity protection based on Xen[J].Journal of Chengdu University of Information Technology,2009,24(5):440-443. |
| |
| Authors: | ZHANG Yong-lin LIU Xin-song XIE Wen-tong |
| |
| Institution: | ZHANG Yong-lin,LIU Xin-song,XIE Wen-tong(Division 8010,UESTC,Chengdu 610054,China) |
| |
| Abstract: | Based on the concept of the Xen virtual machine a new approach of protecting the kernel integrity is proposed.It is importing the monitor module into the Xen kernel.This algorithm verifies the whole kernel,saves its checksum values and makes sure the checksum match with the stored value when the kernel is started up.Before the kernel makes resources modification as a client operating system the verification by the monitor module is necessary to prohibit the malicious code to modify the kernel of the encrypt... |
| |
| Keywords: | virtual machine monitor Xen monitor module kernel integrity loadable kernel module |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
