| 基于Linux的内核数据捕获技术研究 |
| |
| 引用本文: | 傅杨,王嘉祯,文家福.基于Linux的内核数据捕获技术研究[J].人天科学研究,2009(2). |
| |
| 作者姓名: | 傅杨 王嘉祯 文家福 |
| |
| 作者单位: | 中国人民解放军军械工程学院计算机工程系 |
| |
| 摘 要: | 以Linux作为数据捕获的平台,以捕获系统的所有活动特别是入侵者的加密会话为目标,提出了一种利用Rootkit技术,通过替换系统调用sys_read,sys_write,sys_open,sys_socketcall等来从内核捕获数据的技术。
|
| 关 键 词: | Linux Rootkit 内核 加密 数据捕获 |
Research on kernel packet capture based on Linux |
| |
| Authors: | Fu Yang Wang Jiazhen Wen Jiafu |
| |
| Institution: | Fu Yang Wang Jiazhen Wen Jiafu; |
| |
| Abstract: | Regarded the Linux as the platform of packet capture and the all activities of capture system as the target, especially the invader’s encryption session, a kind of packet capture technology which made use of Rootkit was proposed. it could implement the kernel packet capture through the replace of system call, such as sys_read, sys_write, sys_open and sys_socketcall etc. |
| |
| Keywords: | Linux Rootkit Kernel Encrypt Packet Capture |
| 本文献已被 维普 等数据库收录! |
|
