CN112181433B - Compiling, running and managing method and system of mimicry multimode mixed execution body - Google Patents

Compiling, running and managing method and system of mimicry multimode mixed execution body Download PDF

Info

Publication number
CN112181433B
CN112181433B CN202011112399.4A CN202011112399A CN112181433B CN 112181433 B CN112181433 B CN 112181433B CN 202011112399 A CN202011112399 A CN 202011112399A CN 112181433 B CN112181433 B CN 112181433B
Authority
CN
China
Prior art keywords
running
environment
execution
mimicry
execution body
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011112399.4A
Other languages
Chinese (zh)
Other versions
CN112181433A (en
Inventor
李翔
全水龙
彭咏
戴曦南
余新胜
霍立田
付琳
沈雷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CETC 32 Research Institute
Original Assignee
CETC 32 Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CETC 32 Research Institute filed Critical CETC 32 Research Institute
Priority to CN202011112399.4A priority Critical patent/CN112181433B/en
Publication of CN112181433A publication Critical patent/CN112181433A/en
Application granted granted Critical
Publication of CN112181433B publication Critical patent/CN112181433B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4843Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • G06F9/4881Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Stored Programmes (AREA)

Abstract

The application provides a compiling, running and managing method and a system of a mimicry multimode mixed execution body, comprising the following steps: step 1: compiling and packaging the execution bodies to construct an equivalent function service program running on multiple platforms; step 2: deploying the simulated operating environment by adopting a two-stage distributed automatic discovery deployment mode; step 3: the executive acquires the service of the running environment, and verifies the executive through a double tamper-proof self-checking process; step 4: performing state monitoring on all components in the simulated operating environment, and repairing when an operating fault is found; step 5: the service state of the component is monitored by the execution controller, and the running state of the component is controlled. According to the application, resources are dynamically allocated and the operation assembly is connected according to the operation requirement of the mimicry program, so that the steps of manual configuration and deployment of the mimicry operation environment execution body are simplified, and the standardization and effectiveness of the mimicry execution body deployment are improved.

Description

Compiling, running and managing method and system of mimicry multimode mixed execution body
Technical Field
The application relates to the technical fields of network security and information security, in particular to a compiling, running and managing method and system of a mimicry multimode mixed execution body.
Background
The traditional network defense technology adopts a passive defense mechanism, mainly because the internal structures are closely related, the attacked components cannot be dynamically changed, unknown attack threats are difficult to deal with, the network space mimicry defense is represented as a generalized robust control architecture and has a deceptive camouflage or hidden mechanism, so that a physical or logical scene similar to the quantum mechanics misdetection effect is generated, and the method can provide reliability guarantee in a target software and hardware system, and can protect the integrated application service function of 'three-in-one' security and credibility defense. The mimicry running environment is a network space mimicry security defense concrete implementation framework, has the capability of controlling generalized uncertain disturbance, and can effectively inhibit uncertain disturbance including known security risks or unknown security threats. Active defense is adopted for known and unknown backdoors and vulnerabilities, and security threat attacks are blocked timely and data integrity is effectively guaranteed. The mimicry running environment has the capability of an active defense mechanism, adopts a dynamic heterogeneous redundancy system architecture and feedback scheduling capability, can resist internal and external attacks, and becomes a new way for solving the network space security defense problem. Mimicry operating environments are proposed in the present patents, but the associated executive requires manual configuration and deployment. The method is characterized in that when the mimicry execution program is deployed, basic functions such as service discovery, resource allocation, automatic deployment, component connection and identity authentication are realized, and newly added mimicry application system services are monitored, organized and cooperatively managed, so that the steps are complicated and complicated, and aiming at the problems, the compiling, running and managing method based on the mimicry multimode mixed execution body is provided. The method provides security detection, resource dependence and automatic service discovery of the mimicry execution program, provides mimicry running environment management, can dynamically allocate resources according to the running requirement of the mimicry execution program, is connected with a running component to ensure the security of a system, monitors the running state of the mimicry execution program, and achieves the availability, the executable and the monitorability of the mimicry executable program.
Patent document CN111124663a (application number: CN 201911120152.4) discloses a mimicry resource scheduling method, system and medium, comprising: step 1: establishing a basic data structure; step 2: establishing a mimicry resource scheduling criterion according to the basic data structure; step 3: initializing mimicry resource scheduling; step 4: constructing a heterogeneous feature classifier; step 5: classifying the heterogeneous characteristics to construct heterogeneous executor N tuples; step 6: consistency updating is carried out on the heterogeneous feature classifier and the heterogeneous executable N tuple; step 7: carrying out load balancing calculation; step 8: and carrying out random scheduling. The method only carries out algorithm scheduling design on the mimicry resources, does not relate to compiling, running and managing methods of the mimicry execution body and does not relate to generating efficiency and safety of the mimicry running environment execution body, but dynamically allocates the resources and automatically connects components according to running requirements of mimicry running programs to ensure the running and safety of the system.
Disclosure of Invention
Aiming at the defects in the prior art, the application aims to provide a compiling, running and managing method and system of a mimicry multi-mode mixed execution body.
The compiling, running and managing method of the mimicry multimode mixed execution body provided by the application comprises the following steps:
step 1: compiling and packaging the execution bodies to construct an equivalent function service program running on multiple platforms;
step 2: deploying the simulated operating environment by adopting a two-stage distributed automatic discovery deployment mode;
step 3: the executive acquires the service of the running environment, and verifies the executive through a double tamper-proof self-checking process;
step 4: performing state monitoring on all components in the simulated operating environment, and repairing when an operating fault is found;
step 5: the service state of the component is monitored by the execution controller, and the running state of the component is controlled.
Preferably, the step 1 includes:
step 1.1: the method comprises the steps of constructing an environment discovery module, requesting an operation environment manager, registering an execution body user, acquiring operation environment configuration, and establishing connection with a distributor and a voter in the operation environment to form input and output before the execution body is started;
step 1.2: in a compiling development environment, compiling programs in multiple languages into executable binary files according to an executable compiling environment;
step 1.3: a requirement list of the running environment is carried out on each executable binary file;
step 1.4: the method comprises the steps of packaging and compressing an execution file, wherein the execution file comprises a root directory and a subdirectory, a running environment demand list is stored in the root directory, and an executable binary file of a single execution body is stored in the subdirectory;
when compiling the execution body, the environment discovery module performs self-checking on the execution body to prevent the execution body from being tampered, and monitors the service state of the running environment.
Preferably, the step 2 includes: decomposing the execution file package through the operation environment manager, acquiring a demand list and a code signature, and checking to prevent modification of an execution body;
selecting a corresponding running environment from a resource pool managed by a running environment manager for deployment according to the demand list, and automatically establishing a security defense structure in the simulated running environment by an execution body;
the mimicry running environment comprises an execution body controller, a distributor, a voter and a virtual operating system.
Preferably, the step 2 includes:
the first stage: creating a mimicry running environment for an executing body through a running manager;
and a second stage: and downloading and deploying an execution body through the mimicry running environment, actively registering to a running manager after the execution body is started, acquiring configuration of the mimicry running environment, and establishing service connection of the mimicry running environment, so that a complete mimicry application deployment, starting and executing process is formed.
Preferably, the running environment manager builds the service connection after discovering the resource by:
step 2.1: the running environment automatically discovers and deploys, the executing body controller and the virtual operating system establish connection, command control and virtual operating system state query are realized, the executing body controller and the voter establish connection, and voting results are fed back;
step 2.2: and downloading the execution body, loading the execution body, the signature and the running environment configuration into a virtualized application execution engine with an execution body dependent package by a running environment manager, and starting a second-stage automatic discovery deployment of the two-stage distributed automatic discovery deployment of the execution body.
Preferably, the step 3 includes:
checking a local signature file, if the signature in the file is consistent with the signature of the executing body MD5, indicating that the checking is successful, and transmitting the signature of the executing body to a registration service of an operation environment manager;
if the local signature is tampered, indicating that verification fails, the running manager alarms that the executive body is tampered, outputs log records, and issues an automatic starting reset command through the executive body controller to repeatedly execute the downloading action of the body;
if the local signature does not exist, requesting the running environment manager to perform configuration;
after the execution body verification is successful, connection is established between the running environment and the execution body, and input, output and processing on the simulated distributed environment are performed.
Preferably, the component status section includes:
the general state describes the dispatch management state of the component service in the system, namely running, stopping and available;
special states: describing the internal special states of the component services, the number of distributor connection executor services, the decision state wait of the voter, and the internal failure of the component services.
Preferably, the step 4 includes:
step 4.1: the execution controller inquires the state of the internal component according to the preset time, and if the internal component fails, the component is restarted; the execution body implementation control includes: external control, through executing the body reset, download and install again or mirror image restore, carry on the thorough cleaning; internal control to eliminate a failure by performing a restart service;
step 4.2: and the running environment manager pulls all running environment component monitoring records through executing the state service of the controller, and performs console management monitoring.
Preferably, the step 5 includes:
step 5.1: the execution body controller directly controls the distributor, the voter, the container and the execution body service in the running environment, and the execution body controller directly restarts the execution body service or restarts the container to clean the execution body service;
step 5.2: the running environment manager indirectly controls all components in the running environment in a proxy mode by controlling the executing body controller;
the control manager commands include: start, stop and cancel; the start command is to start the controlled service and reset the zero variable; the stop command is to close the controlled service and release the occupied resources; the cancel command is to stop the controlled service, juxtapose the application state as available, wait for the mimicry running environment manager to schedule, and its corresponding states are running, stopped and available.
The compiling, running and managing system of the mimicry multimode mixed execution body provided by the application comprises:
module M1: compiling and packaging the execution bodies to construct an equivalent function service program running on multiple platforms;
module M2: deploying the simulated operating environment by adopting a two-stage distributed automatic discovery deployment mode;
module M3: the executive acquires the service of the running environment, and verifies the executive through a double tamper-proof self-checking process;
module M4: performing state monitoring on all components in the simulated operating environment, and repairing when an operating fault is found;
module M5: the service state of the component is monitored by the execution controller, and the running state of the component is controlled.
Compared with the prior art, the application has the following beneficial effects:
1. the application provides the functions of modules such as security detection, resource dependency scheduling, automatic service discovery and the like of the mimicry execution program, dynamically allocates resources according to the running requirement of the mimicry program, connects running components, simplifies the steps of manual configuration and deployment of the mimicry execution environment execution body, and improves the standardization and effectiveness of the mimicry execution body deployment;
2. the application prepares a single execution file through the encapsulation and packaging of the mimicry executives with various formats, and is convenient to carry, transfer and store;
3. the application can automatically install and deploy the mimicry executors of various operation platforms;
4. the application ensures the safety of the executive body by safely tracking the executive body and preventing the operation process from being tampered, dynamically running the safety defense on the executive body, designing a monitoring mechanism for checking the state and controlling the command.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the detailed description of non-limiting embodiments, given with reference to the accompanying drawings in which:
FIG. 1 is a schematic diagram of a mimicry multi-mode hybrid execution body, runtime environment, and manager system architecture;
FIG. 2 is a diagram of a hybrid compilation synthesis of multi-mode executors;
FIG. 3 is a simulated running environment build diagram;
FIG. 4 is a diagram of a simulated execution environment;
FIG. 5 is a flow chart of the pseudo-executable operation.
Detailed Description
The present application will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the present application, but are not intended to limit the application in any way. It should be noted that variations and modifications could be made by those skilled in the art without departing from the inventive concept. These are all within the scope of the present application.
Example 1:
the application mainly describes a mimicry execution body on a mimicry running environment, and the execution bodies running in various systems are converted and loaded on the mimicry running environment to automatically run through compiling, packaging, deploying the running environment, executing service discovery, state monitoring and control management steps.
The system comprises three modules, namely a multimode mixed execution file, a mimicry running environment and a mimicry running environment manager;
the mimicry multimode mixed execution file mainly provides a mimicry running environment manager to actively search a system suitable for multimode executable running and construct a distributed mimicry running environment, and the execution file is in a combined form and comprises an execution demand list and a plurality of service programs;
the mimicry running environment provides a basic supporting environment for running an executive body, and is connected with executive body service and a running component to realize a mimicry defending safety mechanism of a service program;
the mimicry running environment manager provides the functions of application registration, running environment management, registration management and application state management, and achieves the functions of resource allocation, mimicry running environment construction, running execution body, monitoring service execution, security audit and service scheduling management, and achieves the capacities of dynamic planning, elastic deployment and automatic running, and is shown in figure 1 in detail.
The multimode mixed execution file is downloaded to a mimicry running environment and enters a running state, and is decomposed into five steps: 1. compiling and packing an execution body; 2. deployment of an operating environment; 3. running environment service discovery; 4. monitoring states; 5. and (5) controlling and managing.
Step 1: compilation packaging of executives constructs equivalent functional services (services with unified functional interfaces, e.g., web services running on different operating systems or unified requests implemented using different languages, etc.) that can run on multiple platforms. The method comprises the following steps:
step 1.1: encoding. In addition to the service modules of the application itself, an environment discovery module and a service status module must be added. The environment discovery module is a preparation program of an executing body before starting, requests an operating environment manager, registers an executing body user, acquires operating environment configuration, and establishes connection with a distributor and a voter in the operating environment to form input and output. Meanwhile, the environment discovery module also has an executable self-checking function and prevents an executable from being tampered. The service status module is a status program describing the interior, for example: health status of the service.
Step 1.2: multimode compiling. In the compilation development environment, programs in multiple languages are compiled into executable binary files according to an executable compilation environment, for example: byte code of Java program, PE format binary code of C++ program. The execution body of the equivalent function can be realized by using multiple languages, and the development environment can generate binary files of different target platforms in a cross development mode.
Step 1.3: and (5) environment configuration. The configuration of the execution environment must be accounted for each executable binary file, for example: the CPU type, the operating system, the dependency library, the memory occupation size and the unique number of the execution body, besides, the CPU type, the operating system, the dependency library, the memory occupation size and the unique number of the execution body also comprise digital signatures of binary files, and the contents form an XML or JSON format running environment list, so that a running environment manager can conveniently search and construct a running environment according to the list.
Step 1.4: and (5) packaging and synthesizing. All files are formed in a two-layer directory mode, an operation environment demand list is stored under a root directory, binary files of single executives are stored in subdirectories, a plurality of executives can be stored in the executives, and a packaging program is used for compressing all files in the root directory and the subdirectories thereof in a zip file format to form an execution file. See fig. 2 for a specific process.
Step 2: and the deployment of the operation environment adopts a two-stage distributed automatic discovery deployment mode. Firstly, an administrator uploads a multimode mixed execution file to a mimicry running environment manager, decomposes a file package through the running environment management internal process, acquires a requirement list, generates an execution body signature, and checks to prevent the execution body from being modified. And selecting a matched running environment from the resource pool managed by the running environment manager according to the requirement list, and starting to deploy the running environment. The executable then automatically discovers the deployment and automatically establishes a security defensive construct in the mimicry running environment. The mimicry running environment consists of an executable controller, a distributor, a voter and an executable running platform (container or virtual operating system). After discovering the resources, the running environment manager builds a service connection in the following two steps, see fig. 3:
step 2.1: the runtime environment automatically discovers the deployment. The executing body controller is connected with the operation platform to realize command control and operation platform state inquiry, and the executing body controller is connected with the voter to feed back voting results.
Step 2.2: and executing body downloading. The execution environment manager loads the execution body, the signature and the execution environment configuration into the container, and starts the execution body of the second stage to automatically discover the deployment.
Step 3: running environment service discovery. The executable obtains the service of the running environment, and in order to prevent the system from hijacking and tampering with the executable, the executable is checked by a double tamper-proof self-checking process, and the following two steps are adopted, see fig. 4 specifically:
step 3.1: and (5) automatically checking. Firstly, checking a local signature file, if the signature in the file is consistent with the signature of an executing body MD5, sending the signature of the executing body to a registration service of a running environment manager, and if the local signature is tampered, finding a problem by the running environment manager. If the local signature does not exist, then the runtime environment manager configuration is requested. If the verification fails, the alarm executable is tampered, log records are output, and the starting fails, so that an executable controller in the running environment can find that the executable has no healthy output, then automatically start a reset command, and repeatedly execute the downloading action of the executable.
Step 3.2: automatically discovering services. After the execution body verification is successful, the running environment and the execution body are connected with each other to form the input, output and processing functions on the basic mimicry distributed environment.
Step 4: and (5) monitoring the state. All components in the simulated operating environment must be controlled, and faults in the operating environment can be discovered and repaired in time through state monitoring. The component states are divided into two types, one is a general state, and describes the scheduling management state of component services in the system, namely running, stopping and available. The other is a special state describing the internal special state of the component service, such as: the distributor is connected with the number of executive services, the decision state of the voter waits and the internal faults of the component services are generated.
Step 4.1: the execution controller queries the status of the internal components at intervals and, upon failure, restarts the components. The system is a scheduling management mechanism of a mimicry running environment and is responsible for monitoring running states of a distributor, a voter, a container and a plurality of execution bodies. Two control methods are implemented for the executive body, namely an external control method, the executive body is reset, the installation is downloaded again or the container mirror image is restored, and the complete cleaning is realized. And secondly, an internal control method is adopted to execute the restarting service and eliminate simple faults.
Step 4.2: and the running environment manager pulls all the running environment component monitoring records through executing the state service of the controller, so as to meet the management and monitoring requirements of the control console. And the execution controller records the component state at fixed time, and the record exceeding the time range is abandoned, so that excessive system resources are not occupied.
Step 5: and (5) controlling and managing. All components in the mimicry running environment monitor the service states of all components through the execution controller, and the running states of the control components are set. The control manager commands include: start, stop, and cancel. The start command is to start the controlled service and reset the zero variable. The stop command is to close the controlled service and release the occupied resources. The cancel command is to stop the controlled service, juxtapose the application state as available, wait for the mimicry running environment manager to schedule, and the corresponding state is: run, stop and available.
Step 5.1: the execution body controller directly controls the distributor, voter, container, and execution body services in the runtime environment. The executive body controller can directly restart executive body service, and can also control the container to restart the container, so as to achieve the function of cleaning the executive body service.
Step 5.2: the running environment manager indirectly controls all components in the running environment in a proxy way by controlling the execution body controller.
Example 2:
two-stage distributed auto-discovery deployment of files is performed.
The execution file can be directly loaded into the memory and run on the operating system, but is a distributed heterogeneous/isomorphic environment on the mimicry running environment, and the execution file needs to find a platform which can be executed, otherwise, the execution file cannot be started and has no platform, so that an execution body is required to be organized into a special file format and a special flow so as to achieve the aim of automatic deployment and execution. The mimicry multimode mixed execution body adopts a two-stage distributed automatic discovery deployment mode, and the first stage is that an operation manager builds an operation environment: uploading files to a mimicry running environment manager, using ZIP format decompressed files, reading a demand list under a root directory to form running environment configuration lists of each executable, checking signatures of the executable under each directory, and preventing illegal compiling, packing and modifying of the executable. The executable body runs the needed instruction type, the operating system, the dependency library and the memory occupation size on the executable platform, and searches for a matched running environment in a resource pool governed by the mimicry running environment manager according to a requirement list corresponding to the executable body, so that command and state service connection among internal components is established. The second stage is that the executing body discovers the running environment, a simple agent program is installed in a container, the executing body in the mimicry running environment manager is downloaded remotely, after the executing body is started, the executing body is automatically registered to the mimicry running environment manager through an internal environment discovery module program, the configuration of the corresponding mimicry running environment is obtained, and service connection of a distributor and a voter is established to form a complete mimicry running environment and mimicry application.
Dual tamper-proof self-test techniques.
To prevent executives from entering the runtime environment and being tampered with in the container, an executor signature tracking method is implemented. After the multimode mixed execution file is uploaded, the MD5 signature of the execution body is recorded, MD5 generated during compiling and assembling is automatically compared, and if inconsistent conditions occur, the execution file cannot be further operated. The executable remote download is installed into the container, which also includes the encrypted version of the executable signature and the running environment information. The inside of the execution body comprises an environment discovery module, and the local and remote verification is carried out before starting, and the consistency of the signature is judged. Firstly, checking a local signature file, and if the signature in the file is inconsistent with the MD5 signature of the executive body, outputting a log record, finding that the executive body is tampered and alarming, and failing to start the executive body. If the signature in the file is consistent with the signature of the executing body MD5, the signature of the executing body is sent to the registration service of the running environment manager, remote verification is implemented, and the executing body is started successfully. If the remote verification fails, an abnormality can be found due to the fact that the correct signature of the execution body exists in the running environment controller, and then the execution body can be terminated by a remote control command and cleaned. Two scenarios where the executable is tampered with: 1. the executable is tampered with but the signature is not modified; 2. the executable and signature are all tampered with. The specific operation mechanism is shown in fig. 5.
Status checking and command controlled monitoring mechanisms.
The mimicry runtime environment is a security defense mechanism, and the executable security defenses implemented herein are specific to the program level, namely the running structure of state checking and command control. If the state check detects that the execution body has general faults, the execution controller commands to control the reset and start the execution body, and the execution body does not perform cleaning operation. If the state check detects that the execution body has serious problems, the execution controller commands the container to be reset, and the internal execution body is downloaded again or thoroughly cleaned in a mirror image recovery mode. For example: the local check of the executing body fails, and the output warning log is found by routine state check. In this way, the scheduling management efficiency of the mimicry running environment is effectively improved by using different running modes of the executable start and the container start (see fig. 5 for details).
Those skilled in the art will appreciate that the systems, apparatus, and their respective modules provided herein may be implemented entirely by logic programming of method steps such that the systems, apparatus, and their respective modules are implemented as logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc., in addition to the systems, apparatus, and their respective modules being implemented as pure computer readable program code. Therefore, the system, the apparatus, and the respective modules thereof provided by the present application may be regarded as one hardware component, and the modules included therein for implementing various programs may also be regarded as structures within the hardware component; modules for implementing various functions may also be regarded as being either software programs for implementing the methods or structures within hardware components.
The foregoing describes specific embodiments of the present application. It is to be understood that the application is not limited to the particular embodiments described above, and that various changes or modifications may be made by those skilled in the art within the scope of the appended claims without affecting the spirit of the application. The embodiments of the application and the features of the embodiments may be combined with each other arbitrarily without conflict.

Claims (7)

1. A method for compiling, running and managing a mimicry multi-mode hybrid execution body, comprising:
step 1: compiling and packaging the execution bodies to construct an equivalent function service program running on multiple platforms;
step 2: deploying the simulated operating environment by adopting a two-stage distributed automatic discovery deployment mode;
step 3: the execution body acquires the service of the running environment, and verifies the execution body through a double tamper-proof self-checking process, and after the execution body is verified successfully, the running environment and the execution body are connected with each other to form the input/output and processing functions on the basic mimicry distributed environment;
step 4: performing state monitoring on all components in the simulated operating environment, and repairing when an operating fault is found;
step 5: monitoring the service state of the component by executing the controller, and controlling the running state of the component;
the step 2 comprises the following steps: decomposing the execution file package through the operation environment manager, acquiring a demand list and a code signature, and checking to prevent modification of an execution body;
selecting a corresponding running environment from a resource pool managed by a running environment manager for deployment according to the demand list, and automatically establishing a security defense structure in the simulated running environment by an execution body;
the mimicry running environment comprises an execution body controller, a distributor, a voter and a virtual operating system;
the step 2 comprises the following steps:
the first stage: creating a mimicry running environment for an executing body through a running manager;
and a second stage: downloading and deploying an execution body through the mimicry running environment, actively registering to a running manager after the execution body is started, acquiring configuration of the mimicry running environment, and establishing service connection of the mimicry running environment, so that a complete mimicry application deployment, starting and executing process is formed;
the step 3 comprises the following steps:
checking a local signature file, if the signature in the file is consistent with the signature of the executing body MD5, indicating that the checking is successful, and transmitting the signature of the executing body to a registration service of an operation environment manager; if the signature in the file is consistent with the signature of the executing body MD5, the signature of the executing body is sent to a registration service of an operation environment manager, and remote verification is implemented;
if the local signature is tampered, indicating that verification fails, the running manager alarms that the executive body is tampered, outputs log records, and issues an automatic starting reset command through the executive body controller to repeatedly execute the downloading action of the body;
if the local signature does not exist, requesting the running environment manager to perform configuration;
after the execution body verification is successful, connection is established between the running environment and the execution body, and input, output and processing on the simulated distributed environment are performed.
2. The method for compiling, running and managing a mimicry multi-mode hybrid execution body according to claim 1, wherein the step 1 includes:
step 1.1: the method comprises the steps of constructing an environment discovery module, requesting an operation environment manager, registering an execution body user, acquiring operation environment configuration, and establishing connection with a distributor and a voter in the operation environment to form input and output before the execution body is started;
step 1.2: in a compiling development environment, compiling programs in multiple languages into executable binary files according to an executable compiling environment;
step 1.3: a requirement list of the running environment is carried out on each executable binary file;
step 1.4: the method comprises the steps of packaging and compressing an execution file, wherein the execution file comprises a root directory and a subdirectory, a running environment demand list is stored in the root directory, and an executable binary file of a single execution body is stored in the subdirectory;
when compiling the execution body, the environment discovery module performs self-checking on the execution body to prevent the execution body from being tampered, and monitors the service state of the running environment.
3. The method of compiling, running and managing a mimicry multi-mode hybrid execution body according to claim 1, wherein the running environment manager constructs the service connection after discovering the resource by:
step 2.1: the running environment automatically discovers and deploys, the executing body controller and the virtual operating system establish connection, command control and virtual operating system state query are realized, the executing body controller and the voter establish connection, and voting results are fed back;
step 2.2: and downloading the execution body, loading the execution body, the signature and the running environment configuration into a virtualized application execution engine with an execution body dependent package by a running environment manager, and starting a second-stage automatic discovery deployment of the two-stage distributed automatic discovery deployment of the execution body.
4. The method of compiling, running and managing a mimicry multi-mode hybrid execution volume of claim 1, wherein the component state score comprises:
the general state describes the dispatch management state of the component service in the system, namely running, stopping and available;
special states: internal special states of component services are described, including the number of distributor connection executor services, decision state wait of voter, and internal failure of component services.
5. The method for compiling, running and managing a mimicry multi-mode hybrid execution body according to claim 1, wherein the step 4 includes:
step 4.1: the execution controller inquires the state of the internal component according to the preset time, and if the internal component fails, the component is restarted; the execution body implementation control includes: external control, through executing the body reset, download and install again or mirror image restore, carry on the thorough cleaning; internal control to eliminate a failure by performing a restart service;
step 4.2: and the running environment manager pulls all running environment component monitoring records through executing the state service of the controller, and performs console management monitoring.
6. The method for compiling, running and managing a mimicry multi-mode hybrid execution body according to claim 1, wherein the step 5 includes:
step 5.1: the execution body controller directly controls the distributor, the voter, the container and the execution body service in the running environment, and the execution body controller directly restarts the execution body service or restarts the container to clean the execution body service;
step 5.2: the running environment manager indirectly controls all components in the running environment in a proxy mode by controlling the executing body controller;
the control manager commands include: start, stop and cancel; the start command is to start the controlled service and reset the zero variable; the stop command is to close the controlled service and release the occupied resources; the cancel command is to stop the controlled service, juxtapose the application state as available, wait for the mimicry running environment manager to schedule, and its corresponding states are running, stopped and available.
7. A compilation, execution and management system for a mimicry multi-modal hybrid execution body, comprising:
module M1: compiling and packaging the execution bodies to construct an equivalent function service program running on multiple platforms;
module M2: deploying the simulated operating environment by adopting a two-stage distributed automatic discovery deployment mode;
module M3: the execution body acquires the service of the running environment, and verifies the execution body through a double tamper-proof self-checking process, and after the execution body is verified successfully, the running environment and the execution body are connected with each other to form the input/output and processing functions on the basic mimicry distributed environment;
module M4: performing state monitoring on all components in the simulated operating environment, and repairing when an operating fault is found;
module M5: monitoring the service state of the component by executing the controller, and controlling the running state of the component;
the module M2 includes: decomposing the execution file package through the operation environment manager, acquiring a demand list and a code signature, and checking to prevent modification of an execution body;
selecting a corresponding running environment from a resource pool managed by a running environment manager for deployment according to the demand list, and automatically establishing a security defense structure in the simulated running environment by an execution body;
the mimicry running environment comprises an execution body controller, a distributor, a voter and a virtual operating system;
the module M2 includes:
the first stage: creating a mimicry running environment for an executing body through a running manager;
and a second stage: downloading and deploying an execution body through the mimicry running environment, actively registering to a running manager after the execution body is started, acquiring configuration of the mimicry running environment, and establishing service connection of the mimicry running environment, so that a complete mimicry application deployment, starting and executing process is formed;
the module M3 includes:
checking a local signature file, if the signature in the file is consistent with the signature of the executing body MD5, indicating that the checking is successful, and transmitting the signature of the executing body to a registration service of an operation environment manager; if the signature in the file is consistent with the signature of the executing body MD5, the signature of the executing body is sent to a registration service of an operation environment manager, and remote verification is implemented;
if the local signature is tampered, indicating that verification fails, the running manager alarms that the executive body is tampered, outputs log records, and issues an automatic starting reset command through the executive body controller to repeatedly execute the downloading action of the body;
if the local signature does not exist, requesting the running environment manager to perform configuration;
after the execution body verification is successful, connection is established between the running environment and the execution body, and input, output and processing on the simulated distributed environment are performed.
CN202011112399.4A 2020-10-16 2020-10-16 Compiling, running and managing method and system of mimicry multimode mixed execution body Active CN112181433B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011112399.4A CN112181433B (en) 2020-10-16 2020-10-16 Compiling, running and managing method and system of mimicry multimode mixed execution body

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011112399.4A CN112181433B (en) 2020-10-16 2020-10-16 Compiling, running and managing method and system of mimicry multimode mixed execution body

Publications (2)

Publication Number Publication Date
CN112181433A CN112181433A (en) 2021-01-05
CN112181433B true CN112181433B (en) 2023-09-26

Family

ID=73950677

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011112399.4A Active CN112181433B (en) 2020-10-16 2020-10-16 Compiling, running and managing method and system of mimicry multimode mixed execution body

Country Status (1)

Country Link
CN (1) CN112181433B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113378151A (en) * 2021-06-23 2021-09-10 上海红阵信息科技有限公司 Unified identity authentication system and method based on mimicry structure
CN115098080B (en) * 2022-08-25 2022-11-29 四川汉唐云分布式存储技术有限公司 Programming system compatible with multiple languages

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108366049A (en) * 2018-01-15 2018-08-03 中国人民解放军战略支援部队信息工程大学 A kind of isomery function equivalence executes the implementation method of body
CN110324417A (en) * 2019-06-29 2019-10-11 河南信大网御科技有限公司 A kind of cloud service execution body dynamic reconfiguration method based on mimicry defence
CN110380961A (en) * 2019-07-05 2019-10-25 中国人民解放军战略支援部队信息工程大学 A kind of device and method of conventional router mimicryization transformation
CN110912876A (en) * 2019-11-08 2020-03-24 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Mimicry defense system, method and medium for information system
CN111459832A (en) * 2020-04-13 2020-07-28 郑州昂视信息科技有限公司 Heterogeneous compilation algorithm feasibility evaluation method and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108366049A (en) * 2018-01-15 2018-08-03 中国人民解放军战略支援部队信息工程大学 A kind of isomery function equivalence executes the implementation method of body
CN110324417A (en) * 2019-06-29 2019-10-11 河南信大网御科技有限公司 A kind of cloud service execution body dynamic reconfiguration method based on mimicry defence
CN110380961A (en) * 2019-07-05 2019-10-25 中国人民解放军战略支援部队信息工程大学 A kind of device and method of conventional router mimicryization transformation
CN110912876A (en) * 2019-11-08 2020-03-24 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Mimicry defense system, method and medium for information system
CN111459832A (en) * 2020-04-13 2020-07-28 郑州昂视信息科技有限公司 Heterogeneous compilation algorithm feasibility evaluation method and system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
工控拟态安全处理器验证系统测试及安全分析;张铮等;《通信学报》;第39卷(第S2期);第2018273-1-2018273-7页 *
拟态通用运行环境的框架设计;付琳等;《计算机工程》;第46卷(第3期);第24-33页 *
拟态通用运行环境的资源管理与调度技术;霍立田等;《计算机工程》;第46卷(第2期);第159-169页 *

Also Published As

Publication number Publication date
CN112181433A (en) 2021-01-05

Similar Documents

Publication Publication Date Title
US11762986B2 (en) System for securing software containers with embedded agent
JP5535484B2 (en) Automated software testing framework
CN112181433B (en) Compiling, running and managing method and system of mimicry multimode mixed execution body
JP2020528629A (en) Building software delta updates for vehicle ECU software and toolchain-based anomaly detection
US8555238B2 (en) Programming and development infrastructure for an autonomic element
CN109983434A (en) For eliminating the system and method restarted during the configuration of the initial machine of operating system
CN110912876A (en) Mimicry defense system, method and medium for information system
CN110188574B (en) Webpage tamper-proofing system and method for Docker container
WO2019154202A1 (en) Security protection method and apparatus
CN117099079A (en) System configuration freezing and change management of services deployed via continuous delivery configured on a data center in a cloud platform
Pradhan et al. Chariot: Goal-driven orchestration middleware for resilient iot systems
CN112860282A (en) Upgrading method and device of cluster plug-in and server
US9110758B2 (en) Cross-platform software framework for embedded systems on data storage device
US20220156377A1 (en) Firmware runtime patch secure release process
CN111752635A (en) Application program running method and device, computer equipment and storage medium
CN213186571U (en) ECU security upgrading system applied to vehicle-mounted network
CN114546420A (en) Software remote installation protection uninstalling method
Lavrischeva et al. Technology of assembly creation of an experimental version OS Linux kernels with quality assurance for applied and subject areas of knowledge
CA2543938C (en) Programming and development infrastructure for an autonomic element
CN116341012B (en) File system security reinforcement method based on read-only mechanism
CN116257841B (en) Function processing method and device based on Kubernetes
EP4182820B1 (en) Computing device for establishing a trusted execution environment
Wang et al. Tjosconf: Automatic and safe system environment operations platform
US20230267211A1 (en) A method of attesting a state of a computing environment
US20230280912A1 (en) A storage module for storing a data file and providing its hash

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant