| 基于VMM的文件完整性监控系统的设计与实现 |
| |
| 引用本文: | 陈威,王晖.基于VMM的文件完整性监控系统的设计与实现[J].计算机科学,2012,39(9):252-256. |
| |
| 作者姓名: | 陈威 王晖 |
| |
| 作者单位: | 1. 北京航空航天大学中法工程师学院 北京100191
2. 首都经济贸易大学 北京100070 |
| |
| 摘 要: | 虚拟机监控器(VMM)具有强控制性、隔离性的特点。针对现有文件完整性监控系统中存在的缺陷,提出了一种新的基于VMM且与客户机相隔离的文件完整性保护方法,该方法能够保护用户的敏感文件,特别是文件完整性监控系统本身,使其免受恶意代码的攻击。这种基于虚拟机监控器的文件完整性保护解决方案,在虚拟机隔离层中通过设计和嵌入的"探测器"和"文件逆向定位器"两种关键技术,能够实时地探测到对被保护文件的所有访问企图,从而实现预置的保护策略。
|
| 关 键 词: | 虚拟化技术 虚拟机 I/O截获 文件完整性保护 |
Design and Implementation of VMM-based File Integrity Monitoring System |
| |
| CHEN Wei
,
WANG Hui.Design and Implementation of VMM-based File Integrity Monitoring System[J].Computer Science,2012,39(9):252-256. |
| |
| Authors: | CHEN Wei WANG Hui |
| |
| Affiliation: | 2(College of Sino-French Engineer,Beijing University of Aeronautics and Astronautics,Beijing 100191,China)1(Capital University of Economics and Business,Beijing 100070,China)2 |
| |
| Abstract: | A virtual machine monitor(VMM) has strong control ability and its characteristic of isolation,and can solve open ctuestion in the existing file integrity monitoring systems. A new VMM-based method for file integrity protecting system was proposed,which is isolated between the system and the guest systems. This method should prcconfigure the files to be protected and can avoid the attack to these files from the malicious codes. In this scheme of file integrity protection, the system can intercept all the access attempts to the protected files in real-time by designing and implanting the "detector" and "reversed file locator" into the isolated layer of the virtual machine, and achieves the strategy of pre-protection. |
| |
| Keywords: | Virtualization technology Virtual machine I/O interception File integrity protection |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机科学》浏览原始摘要信息 |
|
点击此处可从《计算机科学》下载全文 |
|
