Title:
KERNEL SECURITY DETECTION METHOD, APPARATUS, AND DEVICE, AND STORAGE MEDIUM
Document Type and Number:
WIPO Patent Application WO/2020/114262
Kind Code:
A1
Abstract:
The present invention provides a kernel security detection method, apparatus, and device, and a storage medium. The method comprises: in response to a system call, detecting at least a part of data associated with a process permission; and according to a detection result, determining whether the process permission is maliciously modified. By detecting whether the permission of an attacker is legal when the attacker performs further operation on a system, it is difficult for the attacker to generate fundamental damage on a kernel even if the attacker obtains the permission higher than that of the attacker, and thus, the present invention can increase the difficulty of a kernel vulnerability attack to a certain extent, and reduce the success rate of the kernel vulnerability attack.
Inventors:
LI DAN (CN)
XU LAIGUANG (CN)
QIU SHAOXIANG (CN)
XU LAIGUANG (CN)
QIU SHAOXIANG (CN)
Application Number:
PCT/CN2019/120133
Publication Date:
June 11, 2020
Filing Date:
November 22, 2019
Export Citation:
Assignee:
ALIBABA GROUP HOLDING LTD (CN)
International Classes:
G06F21/54
Foreign References:
| CN107908958A | 2018-04-13 | |||
| US20110099632A1 | 2011-04-28 | |||
| CN105245543A | 2016-01-13 |
Other References:
YUDAN ZUO: "Research on SELinux-based Methods of Preventing Kernel Privilege Escalation Attacks", CHINA MASTER’S THESES FULL-TEXT DATABASE, no. 4, 15 April 2018 (2018-04-15), pages 1 - 67, XP009521606, ISSN: 1674-0246
Attorney, Agent or Firm:
BEIJING SANYOU INTELLECTUAL PROPERTY AGENCY LTD. (CN)
Download PDF: