Funding: Supported in part by the National High Technology Research and Development Program of China (863 Program) under Grant No. 2009AA01Z433, the Project of National Ministry under Grant No. A21201-10006, and the Open Foundation of State Key Laboratory of Information Security (Institute of Information Engineering, Chinese Academy of Sciences) under Grant No. 2013-4-1.
Abstract: Kernel hooks are very important control data in the OS kernel. Once these data are compromised, attackers can change the control flow of the OS kernel's execution. Previous solutions suffer from limitations in that: 1) some methods require modifying the source code of the OS kernel and kernel modules, which is less practical for wide deployment; 2) other methods cannot adequately protect the kernel hooks and function return addresses inside kernel modules whose memory locations cannot be predetermined. To address these problems, we propose OPKH, an on-the-fly hook protection system based on virtualization technology. Compared with previous solutions, OPKH offers the protected OS a fully transparent environment and easy deployment. In general, the working procedure of OPKH can be divided into two steps. First, we utilise memory virtualization for offline profiling so that the dynamic hooks can be identified. Second, we exploit the online patching technique to instrument the hooks for run-time protection. The experiments show that our system can protect the dynamic hooks effectively with minimal performance overhead.
Funding: Sponsored by the National High Technology Research and Development Program of China ("863" Program) (2009AA01Z433).
Abstract: For a more accurate and comprehensive assessment of the trustworthiness of component-based software systems, the fuzzy analytic hierarchy process is introduced to establish the analysis model. By combining qualitative and quantitative analyses, the impacts of the different types of components on overall trustworthiness are distinguished. Considering the coupling relationship between components, dividing the system into several layers from target layer to scheme layer, and evaluating the advantages and disadvantages of the schemes by group decision-making, the trustworthiness of a typical J2EE structured component-based software is assessed. The trustworthiness assessment model of the software components provides an effective method of operation.