CN113158177A - Dynamic measurement method, device, equipment and storage medium - Google Patents
Dynamic measurement method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN113158177A CN113158177A CN202010075045.0A CN202010075045A CN113158177A CN 113158177 A CN113158177 A CN 113158177A CN 202010075045 A CN202010075045 A CN 202010075045A CN 113158177 A CN113158177 A CN 113158177A
- Authority
- CN
- China
- Prior art keywords
- target
- target process
- executable code
- memory page
- dynamic measurement
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention discloses a dynamic measurement method, a dynamic measurement device, dynamic measurement equipment and a storage medium, which relate to the technical field of communication and aim to improve the security of a process. The method comprises the following steps: when a target process is selected by a scheduler and is not executed, carrying out dynamic measurement on a target executable code of the target process to obtain a dynamic measurement result; and determining whether to execute the target process according to the dynamic measurement result. The embodiment of the invention can improve the safety of the process.
Description
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a dynamic measurement method, apparatus, device, and storage medium.
Background
Dynamic metrics are an important method of ensuring the integrity of program execution. The dynamic measurement realizes the credibility and safe execution of the program by carrying out corresponding integrity measurement on the program in operation, and ensures that the execution result of the program is in line with expectation.
In an operating system, when a program executable is loaded into memory and is being executed or is waiting to be executed, its executable code segments should be identical to the default executable. If the change occurs, the executable code is indicated to be modified abnormally, which results in incomplete program execution process and un-credible program execution result. By measuring the executable code of the program, the executable code can be guaranteed not to be tampered by an attacker, and the integrity of the program is guaranteed.
The memory of the operating system is allocated and managed in units of memory pages, and the executable code of the program is loaded into the memory in units of memory pages. When the os scheduler schedules and selects a process to be executed, the scheduler will point the control pointer (PC pointer) to the memory address of the executable code of the process to be executed.
The prior art proposes a dynamic measurement method. However, in this approach, in some cases, an attacker may make modifications to the executable code and not trigger a page fault exception. The situation can cause that the dynamic measurement of the existing scheme is not triggered timely, so that the dynamic measurement mechanism fails, and potential safety hazards are easily caused.
Disclosure of Invention
The embodiment of the invention provides a dynamic measurement method, a dynamic measurement device, dynamic measurement equipment and a storage medium, which are used for improving the safety of a process.
In a first aspect, an embodiment of the present invention provides a dynamic measurement method, including:
when a target process is selected by a scheduler and is not executed, carrying out dynamic measurement on a target executable code of the target process to obtain a dynamic measurement result;
and determining whether to execute the target process according to the dynamic measurement result.
Wherein the performing dynamic measurement on the target executable code of the target process to obtain a dynamic measurement result includes:
determining the memory page identifier of the target executable code segment;
determining a target metric value of the memory page corresponding to the memory page identifier;
acquiring a reference metric value of the memory page;
and comparing the target metric value with the reference metric value to obtain the dynamic metric result.
Wherein the determining the target metric value of the memory page corresponding to the memory page identifier includes:
and carrying out Hash operation on the executable code segment in the memory page to obtain the target metric value.
Wherein the obtaining the reference metric value of the memory page includes:
searching a process measurement list according to the information of the target process to obtain a target process node corresponding to the information of the target process;
and searching a page metric list according to the information of the target process node and the memory page identifier to obtain a reference metric value of the memory page.
Wherein the determining whether to execute the target process according to the dynamic measurement result comprises:
continuing to execute the target process if the target metric value and the reference metric value are consistent; otherwise, ending executing the target process.
Before the dynamic measurement is performed on the target executable code of the target process to obtain a dynamic measurement result, the method further includes:
creating a data structure interface metric node, wherein a first variable in the interface metric node is used for representing an identifier of a memory page where an executable code is located, and a second variable is used for representing a reference metric value of the memory page where the executable code is located;
forming a page measurement list by using the interface measurement nodes;
and forming a process metric list by using the page metric list.
Before the dynamic measurement is performed on the target executable code of the target process to obtain a dynamic measurement result, the method further includes:
and setting the scheduler to enable the scheduler to perform dynamic measurement on the target executable code of the target process after the scheduler executes the key statement.
In a second aspect, an embodiment of the present invention provides a dynamic metrology apparatus, including:
the first processing module is used for carrying out dynamic measurement on a target executable code of a target process to obtain a dynamic measurement result when the target process is selected by a scheduler and is not executed;
and the second processing module is used for determining whether to execute the target process according to the dynamic measurement result.
Wherein the first processing module comprises:
a first determining submodule, configured to determine a memory page identifier where the target executable code segment is located;
a second determining submodule, configured to determine a target metric value of the memory page corresponding to the memory page identifier;
the obtaining submodule is used for obtaining a reference metric value of the memory page;
and the comparison submodule is used for comparing the target metric value with the reference metric value to obtain the dynamic metric result.
The second determining submodule is configured to perform a hash operation on the executable code segment in the memory page to obtain the target metric value.
Wherein the acquisition submodule comprises:
the first searching unit is used for searching a process measurement list according to the information of the target process to obtain a target process node corresponding to the information of the target process;
and the second searching unit is configured to search a page metric list according to the information of the target process node and the memory page identifier, so as to obtain a reference metric value of the memory page.
The second processing module is specifically configured to, under a condition that the target metric value and the reference metric value are consistent, continue to execute the target process; otherwise, ending executing the target process.
Wherein the apparatus further comprises:
a creating module, configured to create a data structure interface metric node, where a first variable in the interface metric node is used to represent an identifier of a memory page where an executable code is located, and a second variable is used to represent a reference metric value of the memory page where the executable code is located;
the third processing module is used for forming a page measurement list by using the interface measurement nodes;
and the fourth processing module is used for forming a process metric list by utilizing the page metric list.
Wherein the apparatus further comprises:
and the setting module is used for setting the scheduler so that the scheduler performs dynamic measurement on the target executable code of the target process after executing the key statement.
In a third aspect, an embodiment of the present invention provides a dynamic measurement apparatus, including: a processor and a transceiver;
the processor is used for carrying out dynamic measurement on the target executable code of the target process to obtain a dynamic measurement result when the target process is selected by the scheduler and is not executed; and determining whether to execute the target process according to the dynamic measurement result.
Wherein the processor is further configured to:
determining the memory page identifier of the target executable code segment;
determining a target metric value of the memory page corresponding to the memory page identifier;
acquiring a reference metric value of the memory page;
and comparing the target metric value with the reference metric value to obtain the dynamic metric result.
Wherein the processor is further configured to:
and carrying out Hash operation on the executable code segment in the memory page to obtain the target metric value.
Wherein the processor is further configured to:
searching a process measurement list according to the information of the target process to obtain a target process node corresponding to the information of the target process;
and searching a page metric list according to the information of the target process node and the memory page identifier to obtain a reference metric value of the memory page.
Wherein the processor is further configured to:
continuing to execute the target process if the target metric value and the reference metric value are consistent; otherwise, ending executing the target process.
Wherein the processor is further configured to:
creating a data structure interface metric node, wherein a first variable in the interface metric node is used for representing an identifier of a memory page where an executable code is located, and a second variable is used for representing a reference metric value of the memory page where the executable code is located;
forming a page measurement list by using the interface measurement nodes;
and forming a process metric list by using the page metric list.
Wherein the processor is further configured to:
and setting the scheduler to enable the scheduler to perform dynamic measurement on the target executable code of the target process after the scheduler executes the key statement.
In a fourth aspect, an embodiment of the present invention provides an electronic device, including: a transceiver, a memory, a processor, and a program stored on the memory and executable on the processor; the processor is configured to read a program in the memory to implement the steps in the dynamic metrology method according to the first aspect.
In a fifth aspect, an embodiment of the present invention provides a computer-readable storage medium for storing a computer program, which when executed by a processor implements the steps in the dynamic metrology method according to the first aspect.
In the embodiment of the invention, when the target process is selected by the scheduler and is not executed, the target executable code of the target process is dynamically measured to obtain a dynamic measurement result, and whether the target process is executed or not is determined according to the dynamic measurement result. By the method, the trigger of the dynamic measurement mechanism can be more timely, and the condition that the memory content is tampered but the dynamic measurement is not triggered is avoided. Therefore, the scheme of the embodiment of the invention can improve the safety of the process.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive exercise.
FIG. 1 is a flow chart of a dynamic metrology method provided by an embodiment of the present invention;
FIG. 2 is a second flowchart of a dynamic metrology method provided by an embodiment of the present invention;
FIG. 3 is a diagram of a dynamic metrology architecture provided by an embodiment of the present invention;
FIG. 4 is a block diagram of a dynamic metrology apparatus provided in accordance with an embodiment of the present invention;
FIG. 5 is a second block diagram of a dynamic metrology device according to an embodiment of the present invention;
fig. 6 is a block diagram of an electronic device provided in an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a flowchart of a dynamic metric method provided by an embodiment of the present invention, which can be applied to a scheduler of an operating system, as shown in fig. 1, and includes the following steps:
Wherein the target process may refer to any process that is selected by the scheduler and is not executed. In the embodiment of the invention, when the time slice of the operating system is exhausted, the scheduler selects a new process to be executed, updates the PC pointer and carries out dynamic measurement on the process at the time point of not executing the process.
Specifically, in this step, the following process may be included:
(1) and determining the memory page identifier of the target executable code segment.
The target executable code section refers to any executable code section of the target process in the memory. The memory of the operating system is allocated and managed in units of memory pages, and the executable code of the program is loaded into the memory in units of memory pages. Therefore, for the target executable code in the memory, the memory page identifier where the target executable code is located can be obtained. The memory page identifier may include a page number of a memory page.
(2) And determining a target metric value of the memory page corresponding to the memory page identifier.
In the embodiment of the present invention, hash operation is performed on the executable code segment in the memory page to obtain the target metric value. The specific algorithm used in the hash operation is not limited in the embodiment of the present invention.
(3) And acquiring a reference metric value of the memory page.
In this embodiment of the present invention, the reference metric value of each memory page may be pre-stored in a certain memory module. For example, it may be stored in memory in advance.
Specifically, at the time of storage, a data structure page _ measure _ node (interface measure node) is first created. The data structure includes two variables: a first variable int vadd _ in _ page, a second variable char measure _ whitelist [20 ]. The first variable vadd _ in _ page represents the memory page of the executable code, i.e. represents the identifier (e.g. page number) of the memory page where the executable code is located. The second variable measure _ whitelist represents a reference metric value of the memory page where the executable code is located, and is 160 bits in total, and is represented by 20 char.
And then, forming a page metric list (page _ measure _ array) by using the interface metric nodes. Specifically, an array page _ measure _ array is created, which is composed of page _ measure _ nodes.
Finally, a process _ measure _ array is formed using the page measure list. Specifically, an array process _ measure _ array is created, which is composed of page _ measure _ arrays.
After the data structure is created, the executable code segment (text segment) of the executable file (elf file) is divided by taking the page table length as a unit, and the metric value of each memory page is calculated respectively. The metric value is used as a reference value for the executable code of the program. Then, the page number and the reference value of the memory page in which the executable code segment is located are written into the page _ measure _ node, and the page _ measure _ array is generated by using the page _ measure _ node, and the process _ measure _ array is generated by using the page _ measure _ array.
Therefore, in this step, the process metric list may be searched according to the information (such as the process name) of the target process, so as to obtain the target process node corresponding to the information of the target process. Then, according to the information (process number, etc.) of the target process node and the memory page identifier, a page metric list is searched to obtain a reference metric value of the memory page.
(4) And comparing the target metric value with the reference metric value to obtain the dynamic metric result.
And step 102, determining whether to execute the target process according to the dynamic measurement result.
Specifically, in this step, the target process is continuously executed under the condition that the target metric value and the reference metric value are consistent; otherwise, ending executing the target process.
In the embodiment of the invention, when the target process is selected by the scheduler and is not executed, the target executable code of the target process is dynamically measured to obtain a dynamic measurement result, and whether the target process is executed or not is determined according to the dynamic measurement result. By the method, the trigger of the dynamic measurement mechanism can be more timely, and the condition that the memory content is tampered but the dynamic measurement is not triggered is avoided. Therefore, the scheme of the embodiment of the invention can improve the safety of the process. Meanwhile, in the process of executing the scheme of the embodiment of the invention, because the dynamic measurement occurs in the scheduler of the operating system, the process is not suspended by the execution of the dynamic measurement, and therefore, the execution of the dynamic measurement does not have any influence on the normal execution process of the process.
Optionally, in this embodiment of the present invention, before step 101, the scheduler may be further configured to perform dynamic measurement on the target executable code of the target process after the scheduler executes the critical statement. That is, a metric point is set in the scheduler. By adding the measurement point in the scheduler, the integrity measurement can be carried out on the process to be executed in time, and the integrity of the executable code is protected.
Referring to fig. 2, fig. 2 is a flow chart of a dynamic metrology method of an embodiment of the present invention. In the embodiment of the present invention, four program modules may be provided: the device comprises a memory page detection module, a metric value calculation module, an integrity comparison module and a reference value storage module. The memory page detection module, the metric value calculation module and the integrity comparison module work in an operating system kernel schedule () scheduler. The reference value storage module may operate in a memory.
Wherein, vadd _ in _ page represents the page number of the memory page where the executable code is located, and the measure _ whitelist represents the standard value of the memory page, and 160 bits in total are represented by 20 char.
Specifically, the hash budget is performed on the executable code segment of a certain memory page, so as to obtain the metric value of the memory page.
Specifically, a memory page detection module, a metric value calculation module, and an integrity comparison module are inserted after a key statement switch _ to () (process context switch) function of an operating system scheduler schedule ().
In step 206, the memory page detection module detects the page where the executable code segment is located, and obtains a memory page number.
In this step, only the memory page number of the executable code segment in the memory is sent to the metric value calculation module, and no measurement is performed on the executable code segment that is not called into the memory and is in the storage device.
Similarly, in this step, the hash operation is performed on the executable code of the memory page corresponding to the memory page number to obtain the metric value of the memory page.
The hash operation used in this step may be consistent with the hash algorithm used in step 204.
And step 208, the integrity comparison module compares the metric value of each memory page with the corresponding reference value in the reference value storage module to determine whether tampering occurs.
And if the metric value of a certain memory page is consistent with the reference value, determining that the memory page is not tampered, and continuing to execute the program instruction until the time slice of the current scheduling period is used up or the process execution is finished. And if the measurement value of a certain memory page is consistent with the reference value, determining that tampering occurs, ending the execution of the process, and scheduling the next process.
Specifically, referring to fig. 3, a diagram of a dynamic metrology architecture in an embodiment of the present invention is shown. In fig. 3, process P1 is taken as an example. After the memory page numbers are obtained by the memory page detection module and the metric value calculation module, the integrity comparison module stores and obtains the reference value corresponding to each memory page from the reference value.
Specifically, the integrity comparison module finds the corresponding process node (e.g., node1) from the process _ measure _ array according to the name of the process P1 and other information. Then, the page _ measure _ array of the node1 finds the reference value corresponding to the memory page according to the memory page number. The integrity comparison module compares the metric value calculated in step 207 with the found reference value, thereby determining whether to continue executing the process.
As can be seen from the above description, in the embodiment of the present invention, the triggering of the dynamic metric is more accurate, so as to improve the security of the process. Meanwhile, due to the fact that the measurement point is added into the scheduler, timely integrity measurement can be conducted on the process to be executed, and integrity of the executable code is protected. In addition, in the scheme of the embodiment of the invention, the execution of the dynamic measurement can not influence the normal execution process of the process.
The embodiment of the invention also provides a dynamic measurement device. Referring to fig. 4, fig. 4 is a structural diagram of a dynamic metrology device according to an embodiment of the present invention. Because the principle of the dynamic measurement device for solving the problem is similar to the dynamic measurement method in the embodiment of the present invention, the implementation of the dynamic measurement device can refer to the implementation of the method, and repeated details are not repeated.
As shown in fig. 4, the dynamic metrology apparatus 400 includes:
a first processing module 401, configured to perform dynamic measurement on a target executable code of a target process before the target process is selected by a scheduler and is not executed, so as to obtain a dynamic measurement result; a second processing module 402, configured to determine whether to execute the target process according to the dynamic measurement result.
Optionally, the first processing module 401 may include:
a first determining submodule, configured to determine a memory page identifier where the target executable code segment is located; a second determining submodule, configured to determine a target metric value of the memory page corresponding to the memory page identifier; the obtaining submodule is used for obtaining a reference metric value of the memory page; and the comparison submodule is used for comparing the target metric value with the reference metric value to obtain the dynamic metric result.
The second determining submodule is configured to perform a hash operation on the executable code segment in the memory page to obtain the target metric value.
Wherein the acquisition submodule comprises: the first searching unit is used for searching a process measurement list according to the information of the target process to obtain a target process node corresponding to the information of the target process; and the second searching unit is configured to search a page metric list according to the information of the target process node and the memory page identifier, so as to obtain a reference metric value of the memory page.
The second processing module 402 may be specifically configured to, in a case that the target metric value and the reference metric value are consistent, continue to execute the target process; otherwise, ending executing the target process.
Wherein the apparatus further comprises:
a creating module, configured to create a data structure interface metric node, where a first variable in the interface metric node is used to represent an identifier of a memory page where an executable code is located, and a second variable is used to represent a reference metric value of the memory page where the executable code is located;
the third processing module is used for forming a page measurement list by using the interface measurement nodes;
and the fourth processing module is used for forming a process metric list by utilizing the page metric list.
Wherein the apparatus further comprises:
and the setting module is used for setting the scheduler so that the scheduler performs dynamic measurement on the target executable code of the target process after executing the key statement.
The apparatus provided in the embodiment of the present invention may implement the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
The embodiment of the invention also provides a dynamic measurement device. Referring to fig. 5, fig. 5 is a block diagram of a dynamic metrology apparatus according to an embodiment of the present invention. Because the principle of the dynamic measurement device for solving the problem is similar to the dynamic measurement method in the embodiment of the present invention, the implementation of the dynamic measurement device can refer to the implementation of the method, and repeated details are not repeated.
As shown in fig. 5, the dynamic metrology apparatus includes: a processor 501 and a transceiver 502.
The processor 501 is configured to, when a target process is selected by a scheduler and is not executed, perform dynamic measurement on a target executable code of the target process to obtain a dynamic measurement result; and determining whether to execute the target process according to the dynamic measurement result.
Wherein the processor 501 is further configured to:
determining the memory page identifier of the target executable code segment; determining a target metric value of the memory page corresponding to the memory page identifier; acquiring a reference metric value of the memory page; and comparing the target metric value with the reference metric value to obtain the dynamic metric result.
Wherein the processor 501 is further configured to:
and carrying out Hash operation on the executable code segment in the memory page to obtain the target metric value.
Wherein the processor 501 is further configured to:
searching a process measurement list according to the information of the target process to obtain a target process node corresponding to the information of the target process; and searching a page metric list according to the information of the target process node and the memory page identifier to obtain a reference metric value of the memory page.
Wherein the processor 501 is further configured to:
continuing to execute the target process if the target metric value and the reference metric value are consistent; otherwise, ending executing the target process.
Wherein the processor 501 is further configured to:
creating a data structure interface metric node, wherein a first variable in the interface metric node is used for representing an identifier of a memory page where an executable code is located, and a second variable is used for representing a reference metric value of the memory page where the executable code is located; forming a page measurement list by using the interface measurement nodes; and forming a process metric list by using the page metric list.
Wherein the processor 501 is further configured to:
and setting the scheduler to enable the scheduler to perform dynamic measurement on the target executable code of the target process after the scheduler executes the key statement.
The apparatus provided in the embodiment of the present invention may implement the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
As shown in fig. 6, the electronic device according to the embodiment of the present invention includes: the processor 600, which is used to read the program in the memory 620, executes the following processes:
when a target process is selected by a scheduler and is not executed, carrying out dynamic measurement on a target executable code of the target process to obtain a dynamic measurement result;
and determining whether to execute the target process according to the dynamic measurement result.
A transceiver 610 for receiving and transmitting data under the control of the processor 600.
Where in fig. 6, the bus architecture may include any number of interconnected buses and bridges, with various circuits being linked together, particularly one or more processors represented by processor 600 and memory represented by memory 620. The bus architecture may also link together various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art, and therefore, will not be described any further herein. The bus interface provides an interface. The transceiver 610 may be a number of elements including a transmitter and a transceiver providing a means for communicating with various other apparatus over a transmission medium. The processor 600 is responsible for managing the bus architecture and general processing, and the memory 620 may store data used by the processor 600 in performing operations.
The processor 600 is responsible for managing the bus architecture and general processing, and the memory 620 may store data used by the processor 600 in performing operations.
The processor 600 is further configured to read the program and execute the following steps:
determining the memory page identifier of the target executable code segment;
determining a target metric value of the memory page corresponding to the memory page identifier;
acquiring a reference metric value of the memory page;
and comparing the target metric value with the reference metric value to obtain the dynamic metric result.
The processor 600 is further configured to read the program and execute the following steps:
and carrying out Hash operation on the executable code segment in the memory page to obtain the target metric value.
The processor 600 is further configured to read the program and execute the following steps:
searching a process measurement list according to the information of the target process to obtain a target process node corresponding to the information of the target process;
and searching a page metric list according to the information of the target process node and the memory page identifier to obtain a reference metric value of the memory page.
The processor 600 is further configured to read the program and execute the following steps:
continuing to execute the target process if the target metric value and the reference metric value are consistent; otherwise, ending executing the target process.
The processor 600 is further configured to read the program and execute the following steps:
creating a data structure interface metric node, wherein a first variable in the interface metric node is used for representing an identifier of a memory page where an executable code is located, and a second variable is used for representing a reference metric value of the memory page where the executable code is located;
forming a page measurement list by using the interface measurement nodes;
and forming a process metric list by using the page metric list.
The processor 600 is further configured to read the program and execute the following steps:
and setting the scheduler to enable the scheduler to perform dynamic measurement on the target executable code of the target process after the scheduler executes the key statement.
The device provided by the embodiment of the present invention may implement the above method embodiment, and the implementation principle and technical effect are similar, which are not described herein again.
The embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program implements each process of the dynamic measurement method embodiment, and can achieve the same technical effect, and in order to avoid repetition, details are not repeated here. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. With such an understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the methods according to the embodiments of the present invention.
While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (11)
1. A method for dynamic metrology, comprising:
when a target process is selected by a scheduler and is not executed, carrying out dynamic measurement on a target executable code of the target process to obtain a dynamic measurement result;
and determining whether to execute the target process according to the dynamic measurement result.
2. The method of claim 1, wherein the dynamically measuring the target executable code of the target process to obtain a dynamic measurement result comprises:
determining the memory page identifier of the target executable code segment;
determining a target metric value of the memory page corresponding to the memory page identifier;
acquiring a reference metric value of the memory page;
and comparing the target metric value with the reference metric value to obtain the dynamic metric result.
3. The method according to claim 2, wherein the determining the target metric value of the memory page corresponding to the memory page identifier comprises:
and carrying out Hash operation on the executable code segment in the memory page to obtain the target metric value.
4. The method according to claim 2, wherein the obtaining the reference metric value of the memory page comprises:
searching a process measurement list according to the information of the target process to obtain a target process node corresponding to the information of the target process;
and searching a page metric list according to the information of the target process node and the memory page identifier to obtain a reference metric value of the memory page.
5. The method of claim 2, wherein determining whether to execute the target process based on the dynamic metric results comprises:
continuing to execute the target process if the target metric value and the reference metric value are consistent; otherwise, ending executing the target process.
6. The method of claim 1, wherein before the dynamically measuring the target executable code of the target process to obtain a dynamic measurement result, the method further comprises:
creating a data structure interface metric node, wherein a first variable in the interface metric node is used for representing an identifier of a memory page where an executable code is located, and a second variable is used for representing a reference metric value of the memory page where the executable code is located;
forming a page measurement list by using the interface measurement nodes;
and forming a process metric list by using the page metric list.
7. The method of claim 1, wherein before the dynamically measuring the target executable code of the target process to obtain a dynamic measurement result, the method further comprises:
and setting the scheduler to enable the scheduler to perform dynamic measurement on the target executable code of the target process after the scheduler executes the key statement.
8. A dynamic metrology apparatus, comprising:
the first processing module is used for carrying out dynamic measurement on a target executable code of a target process to obtain a dynamic measurement result when the target process is selected by a scheduler and is not executed;
and the second processing module is used for determining whether to execute the target process according to the dynamic measurement result.
9. A dynamic metrology apparatus, comprising: a processor and a transceiver;
the processor is used for carrying out dynamic measurement on the target executable code of the target process to obtain a dynamic measurement result when the target process is selected by the scheduler and is not executed; and determining whether to execute the target process according to the dynamic measurement result.
10. An electronic device, comprising: a transceiver, a memory, a processor, and a program stored on the memory and executable on the processor; it is characterized in that the preparation method is characterized in that,
the processor, which is used for reading a program in a memory to realize the steps in the dynamic measurement method according to any one of claims 1 to 7.
11. A computer-readable storage medium for storing a computer program, wherein the computer program, when executed by a processor, implements the steps in the dynamic metrology method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010075045.0A CN113158177A (en) | 2020-01-22 | 2020-01-22 | Dynamic measurement method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010075045.0A CN113158177A (en) | 2020-01-22 | 2020-01-22 | Dynamic measurement method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113158177A true CN113158177A (en) | 2021-07-23 |
Family
ID=76881855
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010075045.0A Pending CN113158177A (en) | 2020-01-22 | 2020-01-22 | Dynamic measurement method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113158177A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114168934A (en) * | 2021-11-30 | 2022-03-11 | 麒麟软件有限公司 | LINUX kernel level process dynamic measurement method |
| CN117113435A (en) * | 2023-09-22 | 2023-11-24 | 国网江苏省电力有限公司扬州供电分公司 | Fine granularity integrity measurement model and method based on access control of system page table |
-
2020
- 2020-01-22 CN CN202010075045.0A patent/CN113158177A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114168934A (en) * | 2021-11-30 | 2022-03-11 | 麒麟软件有限公司 | LINUX kernel level process dynamic measurement method |
| CN117113435A (en) * | 2023-09-22 | 2023-11-24 | 国网江苏省电力有限公司扬州供电分公司 | Fine granularity integrity measurement model and method based on access control of system page table |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109634837B (en) | Automatic test method, device, equipment and storage medium | |
| CN107729227B (en) | Application program test range determining method, system, server and storage medium | |
| CN110321284B (en) | Test data entry method, device, computer equipment and storage medium | |
| CN108388509B (en) | Software testing method, computer readable storage medium and terminal equipment | |
| CN107316156B (en) | Data processing method, device, server and storage medium | |
| CN113448862B (en) | Software version testing method and device and computer equipment | |
| CN113158177A (en) | Dynamic measurement method, device, equipment and storage medium | |
| CN111026663A (en) | Software defect detection method and device, computer equipment and storage medium | |
| CN108399125B (en) | Automatic testing method and device, computer equipment and storage medium | |
| CN111177703B (en) | Method and device for determining data integrity of operating system | |
| JP2019016335A (en) | Systems and methods for preventing data loss in computer system | |
| CN117216758B (en) | Application security detection system and method | |
| CN112911235A (en) | Monitoring rule configuration method, device, server and storage medium | |
| CN113254153A (en) | Process task processing method and device, computer equipment and storage medium | |
| CN109684205B (en) | System testing method, device, electronic equipment and storage medium | |
| CN111597093B (en) | Exception handling method, device and equipment thereof | |
| CN114492370B (en) | Webpage identification method, webpage identification device, electronic equipment and medium | |
| CN109815083B (en) | Application crash monitoring method and device, electronic equipment and medium | |
| CN113609184A (en) | Early warning method, device and equipment for abnormal operation | |
| CN111061875A (en) | Hyper-parameter determination method, device, computer equipment and storage medium | |
| CN111414178A (en) | Equipment information updating method, device, equipment and medium | |
| CN116298930B (en) | Method, device and server for measuring health degree of battery pack | |
| CN114117181B (en) | Website page turning logic acquisition method and device and website page turning control method and device | |
| CN115509934A (en) | Page testing method and device | |
| CN117852067A (en) | Data desensitization method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |