| 基于虚拟机的文件完整性监控系统 |
| |
| 引用本文: | 王铸,黄涛,文莎.基于虚拟机的文件完整性监控系统[J].中州大学学报,2009,26(5):121-123. |
| |
| 作者姓名: | 王铸 黄涛 文莎 |
| |
| 作者单位: | 华中科技大学,计算机科学与技术学院,武汉,430074 |
| |
| 摘 要: | 以虚拟化软件Xen为基础,设计实现基于虚拟机的文件完整性监控系统——FSGuard。被监控系统(DomU)运行在全虚拟化模式,无法感知底层VMM的存在。Xen实时监控文件操作相关的系统调用,对被监控系统透明。DomU中的用户态程序提供配置和管理的接口,管理员可对某个DomU进行配置,指定需保护文件的列表和访问控制策略。当DomU中的进程对关键文件进行操作时,Xen实时记录文件操作信息,并通过DomU中用户态程序进行反馈。
|
| 关 键 词: | 文件完整性 虚拟化 入侵检测 |
A File Integrity Monitoring System Based on Virtualization |
| |
| WANG Zhu,HUANG Tao,WEN Sha.A File Integrity Monitoring System Based on Virtualization[J].Journal of Zhongzhou University,2009,26(5):121-123. |
| |
| Authors: | WANG Zhu HUANG Tao WEN Sha |
| |
| Institution: | (College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China) |
| |
| Abstract: | Based on Xen, a virtualization software, this program, namely FSGuard, achieves the function of mo- nitoring file integrity. The operation system(DomU) monitored by this program run in full -virtualization mode, ob- taining no information about the existence of VMM. System calls are transparent to the monitored operation system under real - time monitoring of Xen. User - mode program in DomU provides regulation and confi~'uration interfaces for administrators to control the configuration of assigning the list of files in demand for security, and of assigning the access control. Xen has a real - time recording of operations in DomU, and reports the data to administrators. |
| |
| Keywords: | file integrity virtualization intrusion detection |
| 本文献已被 维普 万方数据 等数据库收录! |
|
