计算机科学 ›› 2012, Vol. 39 ›› Issue (9): 252-256.
• 人工智能 • 上一篇 下一篇
陈威,王晖
出版日期:
发布日期:
Online:
Published:
摘要: 虚拟机监控器(VMM)具有强控制性、隔离性的特点。针对现有文件完整性监控系统中存在的缺陷,提出了一种新的基于VMM且与客户机相隔离的文件完整性保护方法,该方法能够保护用户的敏感文件,特别是文件完整性监控系统本身,使其免受恶意代码的攻击。这种基于虚拟机监控器的文件完整性保护解决方案,在虚拟机隔离层中通过设计和嵌入的“探测器”和“文件逆向定位器”两种关键技术,能够实时地探测到对被保护文件的所有访问企图,从而实现预置的保护策略。
关键词: 虚拟化技术,虚拟机,I/O截获,文件完整性保护
Abstract: A virtual machine monitor(VMM) has strong control ability and its characteristic of isolation,and can solve open ctuestion in the existing file integrity monitoring systems. A new VMM-based method for file integrity protecting system was proposed,which is isolated between the system and the guest systems. This method should prcconfigure the files to be protected and can avoid the attack to these files from the malicious codes. In this scheme of file integrity protection, the system can intercept all the access attempts to the protected files in real-time by designing and implanting the "detector" and "reversed file locator" into the isolated layer of the virtual machine, and achieves the strategy of pre-protection.
Key words: Virtualization technology, Virtual machine,I/O interception,File integrity protection
陈威,王晖. 基于VMM的文件完整性监控系统的设计与实现[J]. 计算机科学, 2012, 39(9): 252-256. https://doi.org/
0 / / 推荐
导出引用管理器 EndNote|Reference Manager|ProCite|BibTeX|RefWorks
链接本文: https://www.jsjkx.com/CN/
https://www.jsjkx.com/CN/Y2012/V39/I9/252
Cited
首页