ARM仿真平台上Linux2.6内核运行自动跟踪与分析的研究
发布时间:2019-01-08 14:22
【摘要】:嵌入式系统在人们的生活中随处可见,但由于嵌入式系统的特点,使得在嵌入式操作系统的裁剪或移植过程中面临着许多困难。本文主要研究了一种在仿真平台上对Linux内核运行进行自动跟踪与分析的方法,可以对操作系统内核代码进行测试、分析与验证,可以作为操作系统裁剪或移植过程中的一个辅助工具。 首先,本文介绍了行为分析的概念及特点,并分析了它在信息安全等领域中的应用方法。分析了仿真平台的特点以及它与传统硬件平台相比在进行系统分析和软件跟踪时存在的优势。结合行为分析的特点和仿真平台的特点,提出了一种基于行为分析的仿真平台上Linux内核运行的跟踪机制。针对本文的应用环境定义了行为跟踪的粒度,包括粗粒度跟踪与细粒度跟踪。粗粒度跟踪是从函数级层次跟踪被监测函数序列的运行轨迹,它记录了每一个被监测函数执行时的状态以及被监测函数的调用序列。细粒度跟踪是从指令级层次跟踪被监测函数的运行轨迹,它记录了被监测函数执行时每条指令的地址。对两种跟踪方式的算法进行了详细描述;其次,简单介绍了ARM微处理器的特点以及ARM函数调用标准。在ARM仿真平台上,实现了粗粒度跟踪与细粗粒度跟踪的算法;最后,分析了在Linux2.6内核中进程创建、进程调度以及程序加载的实现原理,在此基础上设计了测试用例,对基于行为分析的仿真平台上Linux内核运行自动跟踪与分析的方法进行了验证。
[Abstract]:The embedded system can be seen everywhere in people's life, but because of the characteristic of the embedded system, it faces many difficulties in the process of cutting or transplanting the embedded operating system. This paper mainly studies a method of automatically tracking and analyzing the running of Linux kernel on the simulation platform, which can test, analyze and verify the kernel code of the operating system. It can be used as an auxiliary tool in the process of operating system tailoring or porting. Firstly, this paper introduces the concept and characteristics of behavior analysis, and analyzes its application in information security. The characteristics of the simulation platform and its advantages in system analysis and software tracking compared with the traditional hardware platform are analyzed. According to the characteristics of behavior analysis and simulation platform, a tracking mechanism of Linux kernel running on the simulation platform based on behavior analysis is proposed. The granularity of behavior tracking is defined for the application environment in this paper, including coarse-grained tracking and fine-grained tracking. Coarse-grained tracking is to track the track of the monitored function sequence from the function level. It records the state of each monitored function when it is executed and the call sequence of the monitored function. Fine-grained tracking is to track the track of the monitored function from the instruction level, which records the address of each instruction when the monitored function is executed. The algorithms of two tracking methods are described in detail. Secondly, the characteristics of ARM microprocessor and the standard of ARM function call are briefly introduced. The algorithms of coarse-grained tracking and fine-coarse-grained tracking are realized on the ARM simulation platform. Finally, the implementation principle of process creation, process scheduling and program loading in Linux2.6 kernel is analyzed, and the test cases are designed. The method of automatic tracking and analysis of Linux kernel running on the simulation platform based on behavior analysis is verified.
【学位授予单位】:华北电力大学
【学位级别】:硕士
【学位授予年份】:2012
【分类号】:TP316.81;TP368.1
本文编号:2404726
[Abstract]:The embedded system can be seen everywhere in people's life, but because of the characteristic of the embedded system, it faces many difficulties in the process of cutting or transplanting the embedded operating system. This paper mainly studies a method of automatically tracking and analyzing the running of Linux kernel on the simulation platform, which can test, analyze and verify the kernel code of the operating system. It can be used as an auxiliary tool in the process of operating system tailoring or porting. Firstly, this paper introduces the concept and characteristics of behavior analysis, and analyzes its application in information security. The characteristics of the simulation platform and its advantages in system analysis and software tracking compared with the traditional hardware platform are analyzed. According to the characteristics of behavior analysis and simulation platform, a tracking mechanism of Linux kernel running on the simulation platform based on behavior analysis is proposed. The granularity of behavior tracking is defined for the application environment in this paper, including coarse-grained tracking and fine-grained tracking. Coarse-grained tracking is to track the track of the monitored function sequence from the function level. It records the state of each monitored function when it is executed and the call sequence of the monitored function. Fine-grained tracking is to track the track of the monitored function from the instruction level, which records the address of each instruction when the monitored function is executed. The algorithms of two tracking methods are described in detail. Secondly, the characteristics of ARM microprocessor and the standard of ARM function call are briefly introduced. The algorithms of coarse-grained tracking and fine-coarse-grained tracking are realized on the ARM simulation platform. Finally, the implementation principle of process creation, process scheduling and program loading in Linux2.6 kernel is analyzed, and the test cases are designed. The method of automatic tracking and analysis of Linux kernel running on the simulation platform based on behavior analysis is verified.
【学位授予单位】:华北电力大学
【学位级别】:硕士
【学位授予年份】:2012
【分类号】:TP316.81;TP368.1
【参考文献】
相关期刊论文 前10条
1 黎亮;傅一帆;;基于嵌入式Linux的内核错误跟踪技术[J];电子技术应用;2008年09期
2 王泽东;刘宇;朱随江;刘宝旭;潘林;;采用行为分析的单机木马防护系统设计与实现[J];计算机工程与应用;2011年11期
3 刘红;;嵌入式系统技术发展趋势浅析[J];中国建设教育;2006年10期
4 罗亚丽;周安民;吴少华;胡勇;丁怡;;一种基于行为分析的程序异常检测方法[J];计算机应用;2008年10期
5 徐庚保;曾莲芝;;数字仿真[J];计算机仿真;2009年09期
6 涂刚,阳富民,胡贯荣;嵌入式操作系统综述[J];计算机应用研究;2000年11期
7 李云华;;Linux内核调试新秀SystemTap[J];程序员;2010年03期
8 郝东白;郭林;黄皓;;基于Hook的程序异常行为检测系统设计与实现[J];计算机工程与设计;2007年18期
9 江泓;何恩;;行为分析技术及其在可信网络中的应用前景[J];信息安全与通信保密;2009年02期
10 王兆菊;龚龙庆;;面向SoC的系统级设计语言[J];计算机技术与发展;2007年11期
,本文编号:2404726
本文链接:https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2404726.html
