Research on Linux-Based Kernel Data Capture Technology |
| |
Cite this article: | Fu Yang, Wang Jiazhen, Wen Jiafu. Research on Linux-based kernel data capture technology [J]. 人天科学研究, 2009(2). |
| |
Authors: | Fu Yang, Wang Jiazhen, Wen Jiafu |
| |
Affiliation: | Department of Computer Engineering, Ordnance Engineering College of the Chinese People's Liberation Army |
| |
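Abstract: | Taking Linux as the data capture platform, with the goal of capturing all activity on the system, especially an intruder's encrypted sessions, the paper proposes a technique that uses Rootkit technology to capture data from the kernel by replacing system calls such as sys_read, sys_write, sys_open, and sys_socketcall.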
|
Keywords: | Linux; Rootkit; kernel; encryption; data capture |
Research on kernel packet capture based on Linux |
| |
Authors: | Fu Yang Wang Jiazhen Wen Jiafu |
| |
Institution: | Fu Yang Wang Jiazhen Wen Jiafu; |
| |
Abstract: | With Linux as the packet capture platform and all activities of the system, especially the invader's encrypted sessions, as the capture target, a packet capture technique that makes use of Rootkit technology is proposed. It implements kernel packet capture by replacing system calls such as sys_read, sys_write, sys_open and sys_socketcall. |
| |
Keywords: | Linux Rootkit Kernel Encrypt Packet Capture |
This article has been indexed by 维普 and other databases. |
|