软件哨兵安全动态检测模型的研究与实现

Study and implementation of software guards' security dynamic testing model

软件哨兵是保护软件代码不被非法修改的重要方法之一,但它本身的安全面临着重大挑战。为了能动态检测软件哨兵是否遭到窜改,基于TPM技术提出了一个检测软件哨兵完整性的模型。该模型利用哨兵进程在内存页面中的变化情况,判断哨兵是否可信,提高了哨兵实时性和动态性。实验证明,该模型能够准确地判断出哨兵进程是否遭到窜改并满足计算平台对安全性和执行效率的要求,具有较好的可行性。

Software guards is an important mean to protect software code from illegal tampering, but its security becomes a critical issue. To be able to detect whether the software guards had been tampered, this paper presented a dynamic measuring model based on TPM, which used the changes that guards in the memory page to judge its credibility and improved the nature of dynamical and real-time. The experiments show that the model can detect whether the software guards have been tampered and satisfied the security and efficiency to the computing platforms.