• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.933-936
• /
• 2002

공격자는 시스템에 침입하기 위해 취약점을 수집하며 여러 공격방법을 통해 루트권한을 획득하게 된다. 루트권한을 획득한 공격자는 공격 시스템에 루트킷을 설치하여 침입에 대한 흔적을 숨기고 차후 침입을 위한 백도어를 남기게 되는데 최근 등장한 커널 기반의 루트킷은 시스템에 대한 침입 탐지를 어렵게 하고 있다. 이러한 공격에 대응하기 위해 침입탐지 및 차단을 위한 보안 시스템들이 많이 개발되어 왔지만 공격자들은 보안 시스템들을 우회하여 시스템에 침입하고 있다. 본 논문에서는 루트권한을 획득한 공격자의 불법행위를 막기 위해 시스템 보안 강화 LKM을 설계, 구현하며 중요 파일의 변조와 루트킷의 실치를 막고 공격자의 불법행위를 관리자에게 실시간으로 알릴 수 있는 방법을 제안한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.85-87
• /
• 2002

본 논문에서는 리눅스 클러스터에서 커널 수준의 응용 프로그램 개발을 위한 통신 모듈인 KCCM(Kernel level Cluster Communication Module)에 대한 구조를 기술한다. KCCM은 비동기 통신을 지원하기 위한 응용 프로그램 인터페이스와 송수신(Send/ Receive)형태의 동기 통신을 지원하기 위한 응용 프로그램 인터페이스를 함께 제공하며, 다른 플랫폼으로의 포팅을 고려하여 소켓 인터페이스를 이용해 구현되었다. 또한 장애 상황에서도 서비스를 계속하고 장애를 복구할 수 있도록 설계되어 커널 수준의 고 가용성 클러스터 응용 프로그램을 개발하는데 유용하다.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.2 s.34
• /
• pp.105-112
• /
• 2005

As the development of information telecommunication technology and thus the information sharing and opening is accelerated, If system is exposed to various threatener and the avrious security incident is rasing its head with social problem. As countermeasure, to protect safely and prepare in the attack for a system from a be latent security threat, various security systems are been using such as IDS, Firewall, VPN etc.. But, expertise or expert is required to handle security system. The module, implemented in this paper, is based on Windows XP, like Linux and Unix, and has effect integrity and non-repudiation for a file.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.675-682
• /
• 2003

Attackers collect vulnerabilities of a target computer system to intrude into it. And using several attack methods, they acquire root privilege. They steal and alter information in the computer system, or destroy the computer sysem. So far many intrusion detection systems and firewallshave been developed, but recently attackers go round these systems and intrude into a computer system . In this paper, we propose security kernel module to prevent attackers having acquired root privilege from doing illegal behaviors. It enhances administrator authentication with additional password, so prevents attackers from doing illegal behaviors such as modification of important files and installation of rootkits. It sends warning mail about sttacker's illegal behaviors to administrators by real time. So using information in the mail, they can estabilish new security policies.

• Journal of KIISE
• /
• v.44 no.2
• /
• pp.171-178
• /
• 2017

In this study, we propose an automated unit test generation technique for detecting vulnerabilities of Android kernel modules. The technique automatically generates unit test drivers/stubs and unit test inputs for each function of Android kernel modules by utilizing dynamic symbolic execution. To reduce false alarms caused by function pointers and missing pre-conditions of automated unit test generation technique, we develop false alarm reduction techniques that match function pointers by utilizing static analysis and generate pre-conditions by utilizing def-use analysis. We showed that the proposed technique could detect all existing vulnerabilities in the three modules of Android kernel 3.4. Also, the false alarm reduction techniques removed 44.9% of false alarms on average.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.3
• /
• pp.201-207
• /
• 2009

As the existing backdoor worked at user mode, which is application mode, it was possible to check the existence of backdoor by the integrity check of system file. However, for the backdoor using kernel module, it is impossible to check its existence by the integrity check of system file. Even various programs were presented to protect this LKM Kernel backdoor, there is limitation in protection as they examine the changes on the system Call Table. This study, recognizing the danger of invasion through such LKM Kernel backdoor, will provide alternative for the limitation which the existing integrity check couldn't prevent intrusion through Kernel backdoor.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.10
• /
• pp.2521-2532
• /
• 1997

The next generation internet protocol, IPv6, have been developed by the IETF according to the requirements of enhancement of classic IP protocols to satisfy the lack of Internet address space as well as the support of multimedia applications. This paper presents an implementation of IPv6 protocols on the Windows NT kernel environment. In this work, we developed and also tested the basic functions, required for operating as an IPv6 host, such as IPv6 header processing, IPv6 address handling, control message processing, group membership processing and neighbor discovery functions. The implemented IPv6 protocol driver module is connected to the lower network interface card through NDIS, a standard network interface. And this driver module that operates within kernel, is implemented as it is connected to upper user applications and lower NDIS using dispatch and lower-edge functions. The developed IPv6 protocol driver can provide not only enhanced performance because it is implemented in kernel mode, but also convenience of usage to the application developers because it gives user interface as a dynamic link library.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.10
• /
• pp.533-543
• /
• 2003

With the increase of interests in cluster, there have been a number of research efforts to address the high availability issues on cluster. However, there are no kernel-level group communication systems to support the development of kernel-level application programs and it is not easy to use traditional user-level group communication systems for the kernel-level applications. This paper presents the design and implementation issues of KCGCS(Kernel-level Cluster Group Communication System), which is a kernel-level group communication module for linux cluster. Unlike traditional user-level group communication systems, the KCGCS uses light-weight heartbeat messages and a ring-based heartbeat mechanism, which allows users to implement scalable failure detection mechanisms. Moreover, the KCGCS improves the reliability by using distributed coordinators to maintain membership information.

• Kyungpook Mathematical Journal
• /
• v.51 no.4
• /
• pp.375-384
• /
• 2011

We study Baer and quasi-Baer modules over some classes of rings. We also introduce a new class of modules called AI-modules, in which the kernel of every nonzero endomorphism is contained in a proper direct summand. The main results obtained here are: (1) A module is Baer iff it is an AI-module and has SSIP. (2) For a perfect ring R, the direct sum of Baer modules is Baer iff R is primary decomposable. (3) Every injective R-module is quasi-Baer iff R is a QI-ring.

• Proceedings of the Korea Contents Association Conference
• /
• 2009.05a
• /
• pp.693-698
• /
• 2009

Computer system to operate normally without interruption, is one of the important issues. Likewise, a computer system to operate without interruption, failure to endure a variety of techniques, development and commercial use is arranged. Most guards will take a lot of technique failure endure. In this paper on the Linux operating system, dynamic module (DLM) to connect using the USB device to use USB devices can cause the symptoms to reduce the kernel PANIC hadeuning technique for studying the kernel.