admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-17 23:53:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

Continued with ebpf history

Browse Source
This commit is contained in:
h3xduck
2022-05-22 10:04:16 -04:00
parent 3ec9175053
commit cdaed83d1a
7 changed files with 45 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
docs/document.aux
View File

@@ -54,22 +54,26 @@
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {section}{\numberline {1.4}Structure of the document}{4}{section.1.4}\protected@file@percent }
\abx@aux@cite{bpf_bsd_origin}
\abx@aux@segm{0}{0}{bpf_bsd_origin}
\abx@aux@cite{ebpf_history_opensource}
\abx@aux@segm{0}{0}{ebpf_history_opensource}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {2}State of the art}{5}{chapter.2}\protected@file@percent }
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\addvspace {10\p@ }}
\@writefile{lot}{\defcounter {refsection}{0}\relax }\@writefile{lot}{\addvspace {10\p@ }}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {section}{\numberline {2.1}Introduction to eBPF}{5}{section.2.1}\protected@file@percent }
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\contentsline {figure}{\numberline {2.1}{\ignorespaces Sketch of the functionality of classic BPF\relax }}{5}{figure.caption.7}\protected@file@percent }
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {3}Methods??}{6}{chapter.3}\protected@file@percent }
\providecommand*\caption@xref[2]{\@setref\relax\@undefined{#1}}
\newlabel{fig:classif_bpf}{{2.1}{5}{Sketch of the functionality of classic BPF\relax }{figure.caption.7}{}}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {3}Methods??}{7}{chapter.3}\protected@file@percent }
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\addvspace {10\p@ }}
\@writefile{lot}{\defcounter {refsection}{0}\relax }\@writefile{lot}{\addvspace {10\p@ }}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {4}Results}{7}{chapter.4}\protected@file@percent }
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {4}Results}{8}{chapter.4}\protected@file@percent }
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\addvspace {10\p@ }}
\@writefile{lot}{\defcounter {refsection}{0}\relax }\@writefile{lot}{\addvspace {10\p@ }}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {5}Conclusion and future work}{8}{chapter.5}\protected@file@percent }
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {5}Conclusion and future work}{9}{chapter.5}\protected@file@percent }
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\addvspace {10\p@ }}
\@writefile{lot}{\defcounter {refsection}{0}\relax }\@writefile{lot}{\addvspace {10\p@ }}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{Bibliography}{9}{chapter.5}\protected@file@percent }
\abx@aux@read@bbl@mdfivesum{614E9E8BA8F58ECCA430604904639F32}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{Bibliography}{10}{chapter.5}\protected@file@percent }
\abx@aux@read@bbl@mdfivesum{A3394ACFF19F9604812726160FADD43B}
\abx@aux@refcontextdefaultsdone
\abx@aux@defaultrefcontext{0}{ransomware_pwc}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{rootkit_ptsecurity}{none/global//global/global}
@@ -82,5 +86,6 @@
\abx@aux@defaultrefcontext{0}{bad_ebpf}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{ebpf_friends}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{bpf_bsd_origin}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{ebpf_history_opensource}{none/global//global/global}
\ttl@finishall
\gdef \@abspage@last{25}
\gdef \@abspage@last{26}

38
docs/document.log
View File

@@ -1,4 +1,4 @@
This is pdfTeX, Version 3.14159265-2.6-1.40.21 (TeX Live 2020/Debian) (preloaded format=pdflatex 2022.4.27) 22 MAY 2022 08:18
This is pdfTeX, Version 3.14159265-2.6-1.40.21 (TeX Live 2020/Debian) (preloaded format=pdflatex 2022.4.27) 22 MAY 2022 09:54
entering extended mode
restricted \write18 enabled.
%&-line parsing enabled.
@@ -1210,37 +1210,37 @@ Overfull \hbox (0.50073pt too wide) in paragraph at lines 355--356
[3] [4]
Chapter 2.
<images//classic_bpf.jpg, id=195, 588.1975pt x 432.61626pt>
<images//classic_bpf.jpg, id=196, 588.1975pt x 432.61626pt>
File: images//classic_bpf.jpg Graphic file (type jpg)
<use images//classic_bpf.jpg>
Package pdftex.def Info: images//classic_bpf.jpg used on input line 413.
(pdftex.def) Requested size: 341.43306pt x 251.12224pt.
[5
<./images//classic_bpf.jpg>]
<./images//classic_bpf.jpg>] [6]
Chapter 3.
[6
]
Chapter 4.
[7
]
Chapter 5.
Chapter 4.
[8
]
Chapter 5.
[9
]
LaTeX Font Info: Trying to load font information for T1+txtt on input line 4
42.
48.
(/usr/share/texlive/texmf-dist/tex/latex/txfonts/t1txtt.fd
File: t1txtt.fd 2000/12/15 v3.1
)
Overfull \hbox (5.34976pt too wide) in paragraph at lines 443--443
Overfull \hbox (5.34976pt too wide) in paragraph at lines 449--449
\T1/txtt/m/n/12 threat -[] intelligence / cyber -[] year -[] in -[] retrospect
/ yir -[] cyber -[] threats -[]
[]
[9
[10
] [1
@@ -1258,7 +1258,7 @@ pdfTeX warning (ext4): destination with the same identifier (name{page.}) has b
een already used, duplicate ignored
<to be read again>
\relax
l.459 \end{document}
l.465 \end{document}
[2
] (./document.aux)
@@ -1269,10 +1269,10 @@ Package logreq Info: Writing requests to 'document.run.xml'.
)
Here is how much of TeX's memory you used:
27194 strings out of 481209
431200 string characters out of 5914747
1167217 words of memory out of 5000000
43670 multiletter control sequences out of 15000+600000
27199 strings out of 481209
431366 string characters out of 5914747
1168340 words of memory out of 5000000
43673 multiletter control sequences out of 15000+600000
447071 words of font info for 92 fonts, out of 8000000 for 9000
36 hyphenation exceptions out of 8191
88i,11n,90p,1029b,2369s stack positions out of 5000i,500n,10000p,200000b,80000s
@@ -1284,9 +1284,9 @@ tic/uhvb8a.pfb></usr/share/texlive/texmf-dist/fonts/type1/urw/helvetic/uhvr8a.p
fb></usr/share/texlive/texmf-dist/fonts/type1/urw/helvetic/uhvr8a.pfb></usr/sha
re/texlive/texmf-dist/fonts/type1/urw/times/utmb8a.pfb></usr/share/texlive/texm
f-dist/fonts/type1/urw/times/utmr8a.pfb>
Output written on document.pdf (25 pages, 199165 bytes).
Output written on document.pdf (26 pages, 201266 bytes).
PDF statistics:
304 PDF objects out of 1000 (max. 8388607)
54 named destinations out of 1000 (max. 500000)
313 PDF objects out of 1000 (max. 8388607)
56 named destinations out of 1000 (max. 500000)
132 words of extra memory for PDF output out of 10000 (max. 10000000)

BIN
docs/document.pdf
View File

Binary file not shown.

BIN
docs/document.synctex.gz
View File

Binary file not shown.

8
docs/document.tex
View File

@@ -405,15 +405,21 @@ This chapter is dedicated to an study of the eBPF technology. Firstly, we will a
\section{Introduction to eBPF}
Nowadays eBPF is not officially considered to be an acronym anymore, but it remains largely known as "extended Berkeley Packet Filters", given its roots in the Berkeley Packet Filter (BPF) technology, now known as classic BPF.
BPF was introduced in 1992 in the paper "The BSD Packet Filter: A New Architecture for User-level Packet Capture"\cite{bpf_bsd_origin}, as a new filtering technology for network packets in the BSD platform.
BPF was introduced in 1992 in the paper "The BSD Packet Filter: A New Architecture for User-level Packet Capture"\cite{bpf_bsd_origin}, as a new filtering technology for network packets in the BSD platform. It was first integrated in the Linux kernel on version 2.1.75\cite{ebpf_history_opensource}.
\begin{figure}[h]
\centering
\includegraphics[width=12cm, keepaspectratio=true]{classic_bpf.jpg}
\caption{Sketch of the functionality of classic BPF}
\label{fig:classif_bpf}
\end{figure}
Figure \ref{fig:classif_bpf} shows how BPF was integrated in the existing network packet processing by the kernel. After receiving a packet, it would first be analysed by BPF filters, which are directly programmed by the BPF developer. The filter decides whether the packet is to be accepted by analysing the packet properties, such as its length or the type and values of its headers. If a packet is accepted, the filter proceeds to decide how many bytes of the original buffer are passed to the application. Otherwise, the packet is redirected to the original network stack, where it is managed as usual.

8
docs/document.toc
View File

@@ -19,11 +19,11 @@
\defcounter {refsection}{0}\relax
\contentsline {section}{\numberline {2.1}Introduction to eBPF}{5}{section.2.1}%
\defcounter {refsection}{0}\relax
\contentsline {chapter}{\numberline {3}Methods??}{6}{chapter.3}%
\contentsline {chapter}{\numberline {3}Methods??}{7}{chapter.3}%
\defcounter {refsection}{0}\relax
\contentsline {chapter}{\numberline {4}Results}{7}{chapter.4}%
\contentsline {chapter}{\numberline {4}Results}{8}{chapter.4}%
\defcounter {refsection}{0}\relax
\contentsline {chapter}{\numberline {5}Conclusion and future work}{8}{chapter.5}%
\contentsline {chapter}{\numberline {5}Conclusion and future work}{9}{chapter.5}%
\defcounter {refsection}{0}\relax
\contentsline {chapter}{Bibliography}{9}{chapter.5}%
\contentsline {chapter}{Bibliography}{10}{chapter.5}%
\contentsfinish

8
docs/pdfa.xmpi
View File

@@ -73,15 +73,15 @@
</rdf:Description>
<rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/">
<xmp:CreatorTool>LaTeX with hyperref</xmp:CreatorTool>
<xmp:ModifyDate>2022-05-22T08:18:59-04:00</xmp:ModifyDate>
<xmp:CreateDate>2022-05-22T08:18:59-04:00</xmp:CreateDate>
<xmp:MetadataDate>2022-05-22T08:18:59-04:00</xmp:MetadataDate>
<xmp:ModifyDate>2022-05-22T09:54:23-04:00</xmp:ModifyDate>
<xmp:CreateDate>2022-05-22T09:54:23-04:00</xmp:CreateDate>
<xmp:MetadataDate>2022-05-22T09:54:23-04:00</xmp:MetadataDate>
</rdf:Description>
<rdf:Description rdf:about="" xmlns:xmpRights = "http://ns.adobe.com/xap/1.0/rights/">
</rdf:Description>
<rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/">
<xmpMM:DocumentID>uuid:467B87E0-A1EA-A037-7CB7-0477245DEBC3</xmpMM:DocumentID>
<xmpMM:InstanceID>uuid:7C5084A7-0928-3FCA-282B-690A2430241A</xmpMM:InstanceID>
<xmpMM:InstanceID>uuid:54E6B66D-9219-1781-FDF0-6CBAEB994DB9</xmpMM:InstanceID>
</rdf:Description>
</rdf:RDF>
</x:xmpmeta>