Computer Science ›› 2008, Vol. 35 ›› Issue (7): 5-8.


A Survey of LKM Backdoors

YUAN Yuan, DAI Guan-zhong

  1. Institute of Control and Networks, College of Automation, Northwestern Polytechnical University, Xi'an 710072, China
  • Published: 2018-11-16 Online: 2018-11-16
  • Supported by:
    Aeronautical Science Foundation (01F53031); Doctoral Program Foundation of the Ministry of Education (20020699026).

Abstract: As the most harmful class of malicious code on Linux, LKM backdoors run at the kernel level and are stealthier and more powerful than backdoors built with traditional techniques. This paper analyzes the technical principles and threats of LKM backdoors and, on that basis, examines various backdoor detection methods. All of these methods have limitations, so fusing multiple methods into complementary combinations will become the trend in LKM backdoor detection.

Key words: Linux, Loadable kernel modules, Backdoors, System call, Detecting
