| 基于内核驱动层的操作系统监控技术研究 |
| |
| 引用本文: | 罗海波.基于内核驱动层的操作系统监控技术研究[J].柳州职业技术学院学报,2011,11(3):51-54. |
| |
| 作者姓名: | 罗海波 |
| |
| 作者单位: | 柳州职业技术学院信息工程系,广西柳州,545006 |
| |
| 摘 要: | 根据基于驱动层的操作系统内核监控技术可以截获操作系统底层运行的细节情况,探讨了采用内核态的监控技术,实现对操作系统底层外设操作驱动的监控。首先,阐述内核驱动拦截技术的核心思想、实现步骤和典型过程;然后,对内核驱动数据结构进行详细分析,给出了DRIVER_OB-JECT的数据结构,为开发相应拦截程序奠定基础。最后介绍基于内核驱动的监控程序实现过程,给出了内核驱动监控的具体实现流程,并以一个具体的内核函数调用为例,介绍了信息拦截过程。
|
| 关 键 词: | 驱动 内核监控 数据结构 拦截程序 |
The Research of the Operating System Monitoring Technology Based on Kernel Drivers |
| |
| LUO Hai-bo.The Research of the Operating System Monitoring Technology Based on Kernel Drivers[J].Journal of Liuzhou Vocational & Technical College,2011,11(3):51-54. |
| |
| Authors: | LUO Hai-bo |
| |
| Institution: | LUO Hai-bo (Liuzhou Vocational &Technical College,Liuzhou Guangxi 545006,China) |
| |
| Abstract: | It May get many details about the operating system running processing based on the kernel drivers monitoring.This paper uses the bottom level monitoring technology;the author has realized the technology of monitoring to the operating system bottom level peripheral device operation actuation,elaborated in detail the key ideas about kernel driver interception technology and realization steps and typical working procession.Besides that,the author has carried on the analysis to the kernel driver data structure with emphasis,and has given the DRIVER_OBJECT data structure which made the foundation for the development corresponding interception procedure.Finally the author introduced the realization of the monitoring procedure based on the kernel drivers in details and gave the monitoring flow based on the kernel drivers specifically.Has taken a concrete monitoring procedure based on kernel drivers as examples,the author introduced the information interception procession. |
| |
| Keywords: | drivers kernel monitoring data structure interception bottom level |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
