| Linux's security is broken and concerned increasingly, as more and more users come into Linux's World. "There is not impossibility to have virus in Linux" is foremost judgment, and then a series of virus which was in Windows appear in Linux now, and then corresponding anti-virus programs have been designed. In the process, the understanding to the virus become more deeply. It is delightful because the harm of virus have been regarded, and it is also troublesome because imperilment of the virus to Linux is going on.ELF virus is one of four class virus in Linux, and its damage and technic complexity are most advanced than other three class virus. Firstly, the complexity of object file format result in the complexity of ELF virus. That's the virus can attack anyplace of the file, and the attack may be primary or advanced. Secondly, the particularity of the object file itself may be the important reason that leads the particularity of virus, in other word, in some case the virus and the object file may coexist in the same file.According to the security of Linux and ELF virus program, in the first place the thesis analyses the object file format pertinently, and necessarily explain some weak place to the virus;in the next place, the thesis classifies the ELF virus based on some representative information, and induces the essential characteristic of all the four classes virus;thirdly, based on Security OS(SOS) theory and security model, the thesis does some makeup pertinently after ELF virus is analysed adequately;finally, the anti-ELF virus program is designed, and the program is tested on its validity and performance with UnixBench.The thesis does some research in security model, especially the adjustment model of Biba is brought forward towards virus, and a new method is found for anti-ELF virus in SOS theory. The result is given as Linux loadable module. |
PDF Full Text Request