摘要
[目的/意义]随着网络攻击技术的发展,各种木马程序不断涌现.受限于木马特征检测的困难性和系统资源的限制等因素,常规的入侵检测手段并不适用于资源受限的嵌入式微处理系统.为此提出了一种轻量级的木马阻断安全机制,用以降低嵌入式系统中敏感信息被窃取的安全威胁.[方法/过程]分析了Linux操作系统下协议栈发送网络数据包的过程以及Netfilter的工作机理,提出了一种基于Netfilter的IP报文外出控制机制,用较小的计算代价,防止了木马病毒向外发送敏感信息.[结果/结论]方法适用于资源受限的嵌入式微处理系统,能够降低嵌入式微处理系统中敏感信息被窃取的安全威胁.
[Purpose/Significance]With the development of network attack technologies,various Trojan programs continue to emerge.Due to the difficulty of detecting Trojan features and the limitations of system resources,universal hacking detection methods are not suitable for resources limited embedded microsystems.Therefore,a lightweight Trojan blocking security mechanism is proposed to reduce the security threat of sensitive information being stolen in embedded systems.[Method/Process]By analyzing the process of sending IP packets under the TCP/IP stack of Linux,as well as the working mechanism of Netfilter,an outgoing control mechanism of IP packets based on Netfilter is proposed,which prevents hacking processes form sending out sensitive information at a relatively small computational cost.[Results/Conclusion]This method is suitable for resource limited embedded microprocessing systems and can reduce the security threat of sensitive information being stolen in embedded microprocessing systems.
作者
武柯安
高洋洋
Wu Ke'an;Gao Yangyang(No.30 Research Institute of China Electronics Technology Group Corporation,Sichuan Chengdu 610041)
出处
《网络空间安全》
2024年第4期180-185,共6页
Cyberspace Security
作者简介
武柯安(1990-),男,汉族,山西孝义人,西南通信研究所,硕士,中国电子科技集团公司第三十研究所,工程师,主要研究方向和关注领域:嵌入式系统信息安全和网络安全;高洋洋(1989-),男,汉族,河南许昌人,中国科学院大学,硕士,中国电子科技集团公司第三十研究所,工程师,主要研究方向和关注领域:网络安全。
