| Linux/Unix环境中ELF格式病毒的分析 |
| |
| 引用本文: | 谢瑶,潘剑峰,朱明.Linux/Unix环境中ELF格式病毒的分析[J].计算机工程,2005,31(4):166-168. |
| |
| 作者姓名: | 谢瑶 潘剑峰 朱明 |
| |
| 作者单位: | 中国科学技术大学电子工程与信息科学系,合肥,230027;中国科学技术大学自动控制系,合肥,230027 |
| |
| 摘 要: | 结合Linux/Unix病毒实例,分析了Linux/Unix系统ELF文件格式病毒的原理,并从5个方面讲述了实现的关键技术:病毒体寄生ELF文件技术,寄主程序入口重定位,病毒体地址无关代码,LKM可重载内核技术以及网络功能的实现。最后,提出了对这一类病毒检测与防范的方法及策略。
|
| 关 键 词: | Linux/Unix系统 可执行链接文件格式病毒 病毒寄生 可重载内核LKM |
| 文章编号: | 1000-3428(2005)04-0166-03 |
Analysis of ELF Virus in Linux/Unix Systems |
| |
| XIE Yao,PAN Jianfeng,ZHU Ming.Analysis of ELF Virus in Linux/Unix Systems[J].Computer Engineering,2005,31(4):166-168. |
| |
| Authors: | XIE Yao PAN Jianfeng ZHU Ming |
| |
| Affiliation: | XIE Yao1,PAN Jianfeng2,ZHU Ming2 |
| |
| Abstract: | The technological details about infection mechanism of ELF virus is analysed, with specific case of ELF virus. Five critical questions are illustrated which include: parasite in host file, redirect executive entry of host to realize virus self-execution , PIC (Position Independent Code) , LKM ( Lodable Kernel Modules) and Interenet propagation of virus. Finally, the paper suggests several practical strategies for detection and protection of virus. |
| |
| Keywords: | Linux/Unix system Executable linking format(ELF) virus Virus parasite Loadable kernel model(LKM) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
