• Title/Summary/Keyword: Kernel Module

Search Result 121, Processing Time 0.026 seconds

A Design of Loadable Kernel Module enhancing the security on Solaris 8 (Solaris 8 기반의 보안 강화용 LKM(loadable Kernel Module) 설계)

  • 최은정;심원태;김명주
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2002.04a
    • /
    • pp.853-855
    • /
    • 2002
  • 안전한 운영체제(Secure Operating System)는 컴퓨터 운영체제의 보안상 결함으로 인하여 발생 가능한 각종 해킹으로부터 시스템을 보호하기 위하여 기존의 운영체제 내에 보안 기능을 통합시킨 보안 커널(Security Kernel)을 추가로 이식한 운영체제이다. 본 논문에서는 polaris 8에서 동작하는 보안 커널을 설계하기 위해 안전한 운영체제와 보안 커널 개발 기술, 솔라리스 운영체제 및 커널 기술을 살펴본다. 이를 토대로 RBAC(Role-Based Access Control)을 지원하고 시스템의 취약점을 감시하는 Solaris 8 기반의 보안 강화용 LKM(Loadable Kernel Module)을 설계한다.

  • PDF

Enhancing Kernel Module Security Using WebAssembly (웹어셈블리를 활용한 커널 모듈 보안성 강화)

  • Hajeong Lim;Hojoon Lee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.2
    • /
    • pp.337-344
    • /
    • 2023
  • Modern OSs, including Linux, show high scalability by adopting a monolithic kernel design, but have weak security because they share all memory space. This study presents a kernel module that are isolated inside the kernel using WebAssembly. WebAssembly provides a high-performance virtual machine by defining a low-level instruction set while guaranteeing memory safety. In this paper, the WebAssembly execution environment is implemented inside the kernel, allowing developers to control the operation of kernel modules and achieving higher security.

Design and Implementation of Kernel Resource Management Scheme (커널 자원 관리 기법 설계 및 구현)

  • Kim, Byung-Jin;Baek, Seung-Jae;Kim, Keun-Eun;Choi, Jong-Moo
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.36 no.3
    • /
    • pp.181-190
    • /
    • 2009
  • Module is an object file that can be loaded into operating system dynamically and has complete privileged access to all resources in kernel. Therefore trivial misuses in a module may cause critical system halts or deadlock situations. In this paper, we propose Kernel Resource Protector(KRP) scheme to reduce the various problems caused by module. KRP provides protections of a variety of kernel resources such as memory, major number and work queue resource. We implement the scheme onto linux kernel 2.6.18, and experimental results show that our scheme can protect kernel resources effectively.

Detection of Loadable Kernel Module Rootkit (Loadable Kernel Module Rootkit 탐지에 관한 연구)

  • Lee, Kye-Chan;Wee, Kyu-Bum
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2003.05c
    • /
    • pp.2133-2136
    • /
    • 2003
  • 해커들은 공격당한 시스템에서 공격자의 흔적을 숨기는 많은 테크닉을 오랫동안 개발해 왔다. 자신의 모습을 감추고 보다 용이한 재침입을 위해, 최근의 백도어(Backdoor)는 커널(Kenel) 구조와 코드 자체를 변경할 수 있는 기능을 가지고 있어서, 우리는 더 이상 커널 자체를 신뢰할 수 없게 되었다. 이 논문에서는 LKM(Loadable Kernel Module) Rootkit에 대한 체계적인 분석을 통해 이에 대한 보다 향상된 대응책을 찾고자 한다.

  • PDF

The Implementation of Kernel Hardening Function by Recovering the Stack Frame of Malfunction Address on the Linux Operating System (리눅스 운영체제에서 주소값 오류시 스택 복구를 통한 커널 하드닝 기능 구현)

  • Jang, Seung-Ju
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.11 no.1
    • /
    • pp.173-180
    • /
    • 2007
  • This paper designs the kernel hardening function by recovering the kernel stack fame to reduce the system error or panic due to the kernel code error. The suggested kernel hardening function guarantees normal system operation by recovering the incorrect address of the kernel stack kernel. The suggesting kernel hardening mechanism is applied to the network module of Linux which is much using put. I experimented the kernel hardening function at the network module of the Linux by forcing panic code.

A Kernel-Level Communication Module for Linux Clusters (리눅스 클러스터를 위한 커널 수준 통신 모듈)

  • 박동식;박성용;양지훈
    • Journal of KIISE:Computing Practices and Letters
    • /
    • v.9 no.3
    • /
    • pp.289-300
    • /
    • 2003
  • Traditional kernel-level communication systems for clusters are dependent upon computing platforms. Futhermore, they are not easy to use and do not provide various functions for clusters. This paper presents an architecture and various implementation issues of a kernel-level communication system, KCCM(Kernel level Cluster Communication Module), for linux cluster. The KCCM provides asynchronous communication services as well as standard synchronous communication services using send and receive. The KCCM also automatically detects and recovers connection failures at runtime. This allows programmers to use KCCM when they build mission critical applications over TCP-based connection-oriented communication environments. Having developed using standard socket interfaces, it can be easily ported to various platforms. The experimental results show that the KCCM provides good performance for asynchronous communication patterns.

MODULES OF QUOTIENTS OVER COMMUTATIVE RINGS

  • Lee, Hei-Sook
    • Communications of the Korean Mathematical Society
    • /
    • v.9 no.4
    • /
    • pp.797-801
    • /
    • 1994
  • In [3] Goldman introduced the notion of modules of quotients of a ring with respect to an idempotents kernel functor, which is a generalization of the localization of a module with respect to a multiplicative subset of a communtative ring. For an idempotent kernel functor $\sigma$ on the category of R-modules and for an R-module M, let $Q_\sigma(M)$ denote the module of quotients with respect to $\sigma$.

  • PDF

Fault Injection System for Linux Kernel Modules

  • Son, Sunghoon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.27 no.6
    • /
    • pp.1-9
    • /
    • 2022
  • In this paper, we propose a general-purpose fault injection system for Linux loadable kernel modules. The fault injection system enables software developers and testers to inject various kinds of faults easily into user-specified kernel modules in user-controlled manner. The proposed system also provides workload generation in order to make injected faults be exposed effectively, By experiments, we show that the fault injection system correctly injects faults into Linux kernel modules. The proposed system can be utilized as a useful tool for testing during kernel module development It is also useful for studies on kernel behaviour analysis and fault isolation and recovery.

A Design of Secure Audit/ Trace Module to Support Computer Forensics (컴퓨터 포렌식스를 지원하는 보안 감사/추적 모듈 설계)

  • 고병수;박영신;최용락
    • Journal of the Korea Society of Computer and Information
    • /
    • v.9 no.1
    • /
    • pp.79-86
    • /
    • 2004
  • In general, operating system is offering the security function of OS level to support several web services. However, it is true that security side of OS level is weak from many parts. Specially, it is needed to audit/trace function in security kernel level to satisfy security more than B2 level that define in TCSEC(Trusted Computer System Evaluation Criteria). So we need to create audit data at system call invocation for this, and do to create audit data of equal format about almost event and supply information to do traceback late. This Paper Proposes audit/trace system module that use LKM(Loadable Kernel Module) technique. It is applicable without alteration about existing linux kernel to ensure safe evidence. It offers interface that can utilize external audit data such as intrusion detection system, and also offers safe role based system that is divided system administrator and security administrator These data will going to utilize to computer forensics' data that legal confrontation is Possible.

  • PDF

Fault Isolation for Linux Device Drivers

  • Son, Sunghoon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.22 no.4
    • /
    • pp.1-8
    • /
    • 2017
  • In this paper, we propose a fault isolation system for device drivers of the Linux operating system. High availability systems impose stringent requirements upon Linux operating system. Especially device drivers can be a major source of operating system instability and many times contribute to system degradation and outages. The proposed fault isolation system identifies the occurrence of the memory-related faults in device driver and isolates it from the kernel. By operating at the early stage of the page fault handler in Linux kernel, the system detects which module causes fault and isolates it transparently from the remaining part of the kernel. By experiments, we show that the proposed system efficiently detects faults incurred by device driver, isolates the device driver and the process which accessed the driver module from the kernel.