System protection method, device, equipment and medium


Bibliographic details
Main authors: MOU TIANYU, WU HONGLIN, FAN XINYU, KUANG YAHE
Format: Patent
Language: chi; eng
Description
Summary: The invention provides a system protection method, device, equipment and medium. It belongs to the technical field of information security and can solve the problem that a system may be attacked because the application layer cannot intercept some harmful operations. The method comprises the following steps: in response to a currently triggered target system call being a system call hooked by an eBPF program, the target system call is captured by the eBPF program, where the eBPF program is a program injected into the kernel space of the system and comprises harmful operation interception configuration information; the eBPF program matches the target system call against the harmful operation interception configuration information; if the matching succeeds, the eBPF program intercepts the target system call; and if the matching does not succeed, the eBPF program releases the target system call. Therefore, the harmful operation influencing the system state can be intercepted