| The network computers are facing long-term threats of malicious behaviors, which are including vulnerability attack, virus and Trojan horse injection, and so on. Generally, the implementations of most malicious behaviors can be taken as the tampering with control flow or data flow of the target program. The entry point of this paper is to discover the contents in normal procedure which tampered by malicious behaviors, and do research on the safety protection method for network computers based on the code tamper-proofing. Based on the analysis of achievements on the trusted computing research field in recent years, the research was carried out by three parts, that including the construction of trusted root, the protection method of key data and the dynamic trusted measurement of code.The scheme to construct the trusted root based on independent embedded devices and logic binding mechanism was studied. Depending on the independent access control strategy and independent execution environment of USB-KEY, the prototype system of portable executable equipment is constructed. Based on analyzing the chain and tree information aggregation models, a trusted storage environment with double models is implemented in the prototype system. The chain model is used to be compatible with the existing research results of the trusted boot, while the tree model is used to implement the trusted measurement on the application layer of computer system.For the key data protection, the problem that the building of Merkle hash tree, which should be based on a full binary tree and often filled with the redundant data, may easily lead to a low time and space utilization. After the mathematical modeling, a kind of hash tree model based on non-balanced binary tree is proposed. The model uses sequence space to store the non-balanced binary tree structure. And it is able to reach higher space utilization than the full binary tree. The connection between the nodes can be directly calculated by the formula. The model does not need to pre-allocate storage space, while the increased node can be directly added after the original data by order. It is especially suitable for the object integrity protection whose data size increased dynamically. Compared with the original hash tree model, the improved model reduces the space overhead for about25%, the whole tree building process time cost for about8%, showed in the experimental results.For the existing safety problems in Von Neumann architecture, a scheme of process code run time integrity measurement, which based on Virtual Harvard Structure, was emphatically studied. And the details of memory address translation mechanisms of complex instruction set computers(CISC) CPU and reduced instruction set computers(RISC) CPU were analysed. The scheme was validated with a customized Bochs simulation environment and the kernel of Linux0.11. The experimental result shows that Virtual Harvard Structure, which based on a CPU with independent instruction TLB (Translation Lookaside Buffer) and data TLB, is able to achieve the redirection for physical memory address of test program code segment contents.For the limitations of process code run time integrity measurement, a scheme based on the guard model for process behaviours monitoring is proposed. The scheme was analysed by experiment based on CFP2006benchmark. The guards were embedded in the functions entry of target program. The function call relations of target program could be correctly reflected by guards. But there is no relationship between the number of gurads and the increased execution time of test program with guards, showed in the experimental results. Through analysis, the phenomenon was thought to have something to do with the program structure of the test object. |
PDF Full Text Request