公开(公告)号：DK1942431T3

公开(公告)日：2012-12-17

申请号：DK08150037

申请日：2008-01-03

Applicant: APPLE INC

Inventor： LEROUGE JULIEN ,  BETOUIN PIERRE ,  FASOLI GIANPAOLO ,  FARRUGIA AUGUSTIN J

IPC: G06F21/00

公开(公告)号：WO2008085922A3

公开(公告)日：2010-03-11

申请号：PCT/US2008000169

申请日：2008-01-03

Applicant: APPLE INC ,  LEROUGE JULIEN ,  BETOUIN PIERRE ,  FASOLI GIANPAOLO ,  FARRUGIA AUGUSTIN J

Inventor： LEROUGE JULIEN ,  BETOUIN PIERRE ,  FASOLI GIANPAOLO ,  FARRUGIA AUGUSTIN J

IPC: H04L9/00

CPC classification number: G06F21/64

Abstract: An integrity verification process is described to detect tampering or alteration to computer files, being especially useful for detection of tampepng by hackers trying to plant malicious code in software Each computer file to be protected is first selected using a rule and is partitioned into vapable length portions, the lengths varying in an unpredictable manner Each portion has its checksum or hash value computed A vepfication file is created which includes a vector for each portion including the portion's start address in memory, length, and computed checksum or hash value When the code is executed, the vepfication file is conventionally read and each portion is vepfied by computing its checksum or hash value again, and compapng that to the value in the associated vepfication file vector Lack of a match in the two values indicates tampepng, so execution of the code can be halted

Abstract translation: 描述完整性验证过程以检测对计算机文件的篡改或更改，特别适用于在软件中尝试植入恶意代码的黑客检测篡改。每个要保护的计算机文件首先使用规则进行选择，并分割成可扩展的长度部分 长度以不可预知的方式变化每个部分都具有计算的校验和或散列值创建一个包含文件的每个部分的向量，包括该部分在内存中的起始地址，长度以及计算的校验和或哈希值当执行代码时 通常，读取文件，并且通过再次计算其校验和或散列值来消除每个部分，并将其与相关联的文件向量中的值相结合缺少两个值中的匹配表示tampepng，因此代码的执行可以 停止