Program integrity verification method based on combined control of long and short codes
Information Technology and Network Security
Ji Yiwen, Yang Zhao, Wang Yucheng, Yang Zhaojun, Kang Yu
(Kylin Software Co., Ltd., Changsha 410000, Hunan, China)
Abstract: This paper proposes a program integrity verification method based on the combined measurement of long and short codes. It analyzes the characteristics of the operating system's file system and designs a file monitoring module on the LSM framework that marks file integrity in real time and can actively mark and identify tampered files. When an application is installed into the operating system, its hash value is computed and its short code mark is set, which initializes the whitelist database and completes the setting of the measurement baseline. Before an application is executed, the verification module is triggered: it first checks the program's short code mark and, depending on the result, decides whether to perform the long code verification of the program's hash value. Combining the long and short codes in measurement and verification improves the efficiency of application measurement and verification. Together with the monitoring module's real-time monitoring of programs, conversion rules between the various categories of application marks are designed for different scenarios, so that the integrity status of a program can be obtained quickly and precisely. The scheme as a whole achieves real-time, efficient control of applications.
CLC number: TP309
Document code: A
DOI: 10.19358/j.issn.2096-5133.2021.04.001
Citation format: Ji Yiwen, Yang Zhao, Wang Yucheng, et al. Program integrity verification method based on combined control of long and short codes[J]. Information Technology and Network Security, 2021, 40(4): 1-6.
Key words: integrity verification; integrity measurement; LSM; executive control
Network and Information Security
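0 Introduction
With the spread of computers, people obtain information and carry out all kinds of activities through computers and the Internet every day, and information technology has become an inseparable part of people's lives. But computers and cyberspace are not always safe: while bringing convenience, they also bring huge security threats. Illegal or malicious code such as viruses and Trojans attacks a system by tampering with or replacing system applications, and in this way attempts to enter the system to achieve its illegitimate purposes. Traditional, conventional security protections can no longer guarantee the security and reliability of computers in real time, so a reliable, efficient and real-time integrity measurement and verification mechanism is needed to solve the existing problems.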
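The check-the-short-code-first flow described in the abstract, modelled in user space as an added example that is not the paper's code. The three mark categories, their transition rules and all names are assumptions, since the page does not list them; a dictionary stands in for the file system and for the LSM write hook.

```python
import hashlib
from enum import Enum

class Mark(Enum):          # short codes; these three categories are assumed
    TRUSTED = 1            # unchanged since the baseline or last long check
    SUSPECT = 2            # written to since then; needs a long check
    BLOCKED = 3            # long check failed; stays denied until rewritten

class IntegrityController:
    def __init__(self):
        self.files = {}        # path -> bytes, stand-in for the file system
        self.baseline = {}     # path -> SHA-256 hex, the whitelist long code
        self.mark = {}         # path -> Mark, the short code
        self.long_checks = 0   # hash computations done at execution time

    def install(self, path, content):
        """Installation: record the hash baseline and set the initial mark."""
        self.files[path] = content
        self.baseline[path] = hashlib.sha256(content).hexdigest()
        self.mark[path] = Mark.TRUSTED

    def on_write(self, path, content):
        """Monitor hook (models the LSM file monitor): a write re-marks."""
        self.files[path] = content
        if path in self.mark:
            self.mark[path] = Mark.SUSPECT

    def check_exec(self, path):
        """Return True if execution is allowed."""
        mark = self.mark.get(path)
        if mark is None or mark is Mark.BLOCKED:
            return False                   # not whitelisted, or known bad
        if mark is Mark.TRUSTED:
            return True                    # short code suffices, no hashing
        self.long_checks += 1              # SUSPECT: fall back to long code
        digest = hashlib.sha256(self.files[path]).hexdigest()
        ok = digest == self.baseline[path]
        self.mark[path] = Mark.TRUSTED if ok else Mark.BLOCKED
        return ok

if __name__ == "__main__":
    c = IntegrityController()
    c.install("/opt/demo/tool", b"original build")      # constructed sample
    print(c.check_exec("/opt/demo/tool"), c.long_checks)
    c.on_write("/opt/demo/tool", b"tampered build")
    print(c.check_exec("/opt/demo/tool"), c.mark["/opt/demo/tool"])
```

The counter `long_checks` shows where the efficiency gain comes from: a file that has not been written since its last successful check is allowed on the short code alone, and the hash is recomputed only after the monitor has re-marked it.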
For the full text of this article, please download: http://ihrv.cn/resource/share/2000003470
This content is original to the AET website; reproduction without authorization is prohibited.
