[1] LI Xiao-li. Research on Linux Security Module Based on LKM Mechanism[J]. Computer Technology and Development, 2016, 26(06): 97-100.

Research on Linux Security Module Based on LKM Mechanism

Computer Technology and Development [ISSN:1006-6977/CN:61-1281/TN]

Volume: 26
Issue: 2016, No. 06
Pages: 97-100
Column: Security and Protection
Publication date: 2016-06-10

Article Info

Title: Research on Linux Security Module Based on LKM Mechanism
Article ID: 1673-629X(2016)06-0097-04
Author(s): LI Xiao-li (Nantong University)
Keywords: LKM (loadable kernel module); hook function; security module; system call; SMS alarm
CLC number: TP309
Document code: A
Abstract:
 In recent years, the Linux system has attracted wide attention and adoption in the computer industry because of its excellent stability, flexibility and scalability, and its relatively low cost. In terms of security, however, the Linux kernel provides only discretionary access control and some security mechanisms. This is not enough for the security of a Linux system, and it hinders the further development and wider application of Linux. Based on an in-depth study of LKM and hook techniques, and addressing the current shortcomings of security auditing on Linux, this paper designs a Linux security log module. When an intruder enters the Linux server system through a user account and tries to modify a file, the system automatically generates a log file containing the user's information. The module is suited to monitoring Linux server systems that run stably over long periods and whose configuration rarely needs to change. In actual testing, the security log module recorded malicious users' access to or tampering with system files promptly and effectively, providing useful information for security auditing of the system.


Last Update: 2016-09-20