首页>
外国专利>
METHOD AND SYSTEM OF PROCESSING KERNEL PATCH FOR PREVENTION OF KERNEL VULNERABILITY
METHOD AND SYSTEM OF PROCESSING KERNEL PATCH FOR PREVENTION OF KERNEL VULNERABILITY
展开▼
机译:处理内核补丁以防止内核易损性的方法和系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
A kernel patch method for protecting vulnerability of a kernel and a system thereof are provided to effectively manage against hacking using the kernel vulnerability without modifying the kernel, or a recompiling or rebooting process by making a routine to supplement the kernel vulnerability into an LKM(Loadable Kernel Module) type kernel module. A kernel exploit prevention module(410) uses a KLM mode for removing the kernel vulnerability. A kernel patch database stores information for the vulnerability protecting modules of each version. A system information collecting module searches the patch corresponding to the kernel version of a kernel system by searching the kernel patch database. An OS(Operating System) patches the kernel by forming an LKM having an effectiveness check code with a system call hooking technique to enable a user program(200) to use a kernel service of the OS through a system call interface(210).
展开▼