• Title/Summary/Keyword: Kernel Module

Search Result 121, Processing Time 0.029 seconds

A Design and Implementation of Loadable Kernel Module for Enhanced Security on Linux System (리눅스 시스템의 보안 강화를 위한 LKM(Loadable Kernel Module) 설계 및 구현)

  • Kim, Ik-Su;Kim, Myung-Ho
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2002.11b
    • /
    • pp.933-936
    • /
    • 2002
  • 공격자는 시스템에 침입하기 위해 취약점을 수집하며 여러 공격방법을 통해 루트권한을 획득하게 된다. 루트권한을 획득한 공격자는 공격 시스템에 루트킷을 설치하여 침입에 대한 흔적을 숨기고 차후 침입을 위한 백도어를 남기게 되는데 최근 등장한 커널 기반의 루트킷은 시스템에 대한 침입 탐지를 어렵게 하고 있다. 이러한 공격에 대응하기 위해 침입탐지 및 차단을 위한 보안 시스템들이 많이 개발되어 왔지만 공격자들은 보안 시스템들을 우회하여 시스템에 침입하고 있다. 본 논문에서는 루트권한을 획득한 공격자의 불법행위를 막기 위해 시스템 보안 강화 LKM을 설계, 구현하며 중요 파일의 변조와 루트킷의 실치를 막고 공격자의 불법행위를 관리자에게 실시간으로 알릴 수 있는 방법을 제안한다.

  • PDF

Design & Implementation of Kernel Level Communication System for Linux Cluster (리눅스 클러스터를 위한 커널 수준 통신 시스템의 설계 및 구현)

  • 박동식;박성용;이장선;오상규
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2002.04a
    • /
    • pp.85-87
    • /
    • 2002
  • 본 논문에서는 리눅스 클러스터에서 커널 수준의 응용 프로그램 개발을 위한 통신 모듈인 KCCM(Kernel level Cluster Communication Module)에 대한 구조를 기술한다. KCCM은 비동기 통신을 지원하기 위한 응용 프로그램 인터페이스와 송수신(Send/ Receive)형태의 동기 통신을 지원하기 위한 응용 프로그램 인터페이스를 함께 제공하며, 다른 플랫폼으로의 포팅을 고려하여 소켓 인터페이스를 이용해 구현되었다. 또한 장애 상황에서도 서비스를 계속하고 장애를 복구할 수 있도록 설계되어 커널 수준의 고 가용성 클러스터 응용 프로그램을 개발하는데 유용하다.

  • PDF

Implementation of File Security Module Using on Windows (윈도우즈 기반 파일 보안 모듈 설계 및 구현)

  • Sung Kyung;Yoon Ho-gun
    • Journal of the Korea Society of Computer and Information
    • /
    • v.10 no.2 s.34
    • /
    • pp.105-112
    • /
    • 2005
  • As the development of information telecommunication technology and thus the information sharing and opening is accelerated, If system is exposed to various threatener and the avrious security incident is rasing its head with social problem. As countermeasure, to protect safely and prepare in the attack for a system from a be latent security threat, various security systems are been using such as IDS, Firewall, VPN etc.. But, expertise or expert is required to handle security system. The module, implemented in this paper, is based on Windows XP, like Linux and Unix, and has effect integrity and non-repudiation for a file.

  • PDF

Design and Implementation of Security Kernel Module with Additional Password for Enhancing Administrator Authentication (관리자 인증 강화를 위한 추가적인 패스워드를 가지는 보안 커널모듈 설계 및 구현)

  • Kim, Ik-Su;Kim, Myung-Ho
    • The KIPS Transactions:PartC
    • /
    • v.10C no.6
    • /
    • pp.675-682
    • /
    • 2003
  • Attackers collect vulnerabilities of a target computer system to intrude into it. And using several attack methods, they acquire root privilege. They steal and alter information in the computer system, or destroy the computer sysem. So far many intrusion detection systems and firewallshave been developed, but recently attackers go round these systems and intrude into a computer system . In this paper, we propose security kernel module to prevent attackers having acquired root privilege from doing illegal behaviors. It enhances administrator authentication with additional password, so prevents attackers from doing illegal behaviors such as modification of important files and installation of rootkits. It sends warning mail about sttacker's illegal behaviors to administrators by real time. So using information in the mail, they can estabilish new security policies.

Automated Unit-test Generation for Detecting Vulnerabilities of Android Kernel Modules (안드로이드 커널 모듈 취약점 탐지를 위한 자동화된 유닛 테스트 생성 기법)

  • Kim, Yunho;Kim, Moonzoo
    • Journal of KIISE
    • /
    • v.44 no.2
    • /
    • pp.171-178
    • /
    • 2017
  • In this study, we propose an automated unit test generation technique for detecting vulnerabilities of Android kernel modules. The technique automatically generates unit test drivers/stubs and unit test inputs for each function of Android kernel modules by utilizing dynamic symbolic execution. To reduce false alarms caused by function pointers and missing pre-conditions of automated unit test generation technique, we develop false alarm reduction techniques that match function pointers by utilizing static analysis and generate pre-conditions by utilizing def-use analysis. We showed that the proposed technique could detect all existing vulnerabilities in the three modules of Android kernel 3.4. Also, the false alarm reduction techniques removed 44.9% of false alarms on average.

A Study on Intrusion Protection Techniques against Linux Kernel Backdoor (리녹스 커널 백도어 침업에 대한 차단 기법 연구)

  • Kim, Jin-Taek;Kho, Jeong-Ho;Hong, Min-Seok;Son, Choul-Woong;Park, Beom;Lee, Do-Won;Lee, Geuk
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.9 no.3
    • /
    • pp.201-207
    • /
    • 2009
  • As the existing backdoor worked at user mode, which is application mode, it was possible to check the existence of backdoor by the integrity check of system file. However, for the backdoor using kernel module, it is impossible to check its existence by the integrity check of system file. Even various programs were presented to protect this LKM Kernel backdoor, there is limitation in protection as they examine the changes on the system Call Table. This study, recognizing the danger of invasion through such LKM Kernel backdoor, will provide alternative for the limitation which the existing integrity check couldn't prevent intrusion through Kernel backdoor.

  • PDF

An Implementation of Internet Protocol Version 6 o Windows NT Kernel Environment (윈도우 NT 커널 환경에서 IPv6 프로토콜 구현 연구)

  • Kang, Shin-Gak;Kim, Dae-Young
    • The Transactions of the Korea Information Processing Society
    • /
    • v.4 no.10
    • /
    • pp.2521-2532
    • /
    • 1997
  • The next generation internet protocol, IPv6, have been developed by the IETF according to the requirements of enhancement of classic IP protocols to satisfy the lack of Internet address space as well as the support of multimedia applications. This paper presents an implementation of IPv6 protocols on the Windows NT kernel environment. In this work, we developed and also tested the basic functions, required for operating as an IPv6 host, such as IPv6 header processing, IPv6 address handling, control message processing, group membership processing and neighbor discovery functions. The implemented IPv6 protocol driver module is connected to the lower network interface card through NDIS, a standard network interface. And this driver module that operates within kernel, is implemented as it is connected to upper user applications and lower NDIS using dispatch and lower-edge functions. The developed IPv6 protocol driver can provide not only enhanced performance because it is implemented in kernel mode, but also convenience of usage to the application developers because it gives user interface as a dynamic link library.

  • PDF

A Kernel-Level Group Communication System for Highly Available Linux Cluster (리눅스 클러스터의 고가용성 보장을 위한 커널 수준 그룹 통신 시스템)

  • 이상균;박성용
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.30 no.10
    • /
    • pp.533-543
    • /
    • 2003
  • With the increase of interests in cluster, there have been a number of research efforts to address the high availability issues on cluster. However, there are no kernel-level group communication systems to support the development of kernel-level application programs and it is not easy to use traditional user-level group communication systems for the kernel-level applications. This paper presents the design and implementation issues of KCGCS(Kernel-level Cluster Group Communication System), which is a kernel-level group communication module for linux cluster. Unlike traditional user-level group communication systems, the KCGCS uses light-weight heartbeat messages and a ring-based heartbeat mechanism, which allows users to implement scalable failure detection mechanisms. Moreover, the KCGCS improves the reliability by using distributed coordinators to maintain membership information.

Baer and Quasi-Baer Modules over Some Classes of Rings

  • Haily, Abdelfattah;Rahnaou, Hamid
    • Kyungpook Mathematical Journal
    • /
    • v.51 no.4
    • /
    • pp.375-384
    • /
    • 2011
  • We study Baer and quasi-Baer modules over some classes of rings. We also introduce a new class of modules called AI-modules, in which the kernel of every nonzero endomorphism is contained in a proper direct summand. The main results obtained here are: (1) A module is Baer iff it is an AI-module and has SSIP. (2) For a perfect ring R, the direct sum of Baer modules is Baer iff R is primary decomposable. (3) Every injective R-module is quasi-Baer iff R is a QI-ring.

A Study of USB Device Kernel Hardening Using DLM, in Linux Operating System (리눅스 운영체제에서 DLM을 이용한 USB 디바이스 커널 하드닝에 관한 연구)

  • Jang, Seung-Ju;Choi, Eun-Seok
    • Proceedings of the Korea Contents Association Conference
    • /
    • 2009.05a
    • /
    • pp.693-698
    • /
    • 2009
  • Computer system to operate normally without interruption, is one of the important issues. Likewise, a computer system to operate without interruption, failure to endure a variety of techniques, development and commercial use is arranged. Most guards will take a lot of technique failure endure. In this paper on the Linux operating system, dynamic module (DLM) to connect using the USB device to use USB devices can cause the symptoms to reduce the kernel PANIC hadeuning technique for studying the kernel.

  • PDF