| Linux进程语义安全性检测的稳定模型 |
| |
| 引用本文: | 谭成予,董红斌,梁意文.Linux进程语义安全性检测的稳定模型[J].计算机工程与应用,2005,41(10):15-18. |
| |
| 作者姓名: | 谭成予 董红斌 梁意文 |
| |
| 作者单位: | 武汉大学软件工程国家重点实验室/计算机学院,武汉,430072 |
| |
| 基金项目: | 国家自然科学重大研究计划项目(编号:90204011),软件工程国家重点实验室第五批开放基金支持课题 |
| |
| 摘 要: | 现有进程检测方法,检测的目标是系统调用的序列的排列关联,忽略了语义中潜在的异常。稳定模型是逻辑程序的语义模型,可以用以发现并修改逻辑程序的异常问题。该文以系统调用为基本检测点,采用逻辑程序描述进程的基本语义逻辑,用稳定模型表达进程的检测语义。系统定义进程的一系列安全语义规则,在进程执行中,计算安全语义规则与进程逻辑之间的稳定模型,得到安全语义的可计算性结论。论文最后,给出了一个Linux系统中的进程语义安全性检测的基本框架。
|
| 关 键 词: | 信息安全 稳定模型 进程检测 系统调用 |
| 文章编号: | 1002-8331-(2005)10-0015-04 |
Stable Model of Semantics _ based Security Detection for Linux Process |
| |
| Tan Chengyu,Dong Hongbin,Liang Yiwen.Stable Model of Semantics _ based Security Detection for Linux Process[J].Computer Engineering and Applications,2005,41(10):15-18. |
| |
| Authors: | Tan Chengyu Dong Hongbin Liang Yiwen |
| |
| Abstract: | At present,identifying patterns from system call trails are the primary method of process detection,and it neglects latent anomaly in semantics.As the semantics model of logic program,stable model can be used to find and modify the anomaly of logic program.This paper indicates the basic semantics logic of the process with logic program by detecting the system call.Then,the paper introduces a method to define the security semantics rules of the process,and get the conclusion of security semantics through calculating the stable model of security semantics rules and the process logic.At the end,a basic frame for semantics_based security detection based on Linux process is introduced in this paper. |
| |
| Keywords: | information security stable model semantics process detection system call |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
