資源描述:
《基于行為的病毒檢測系統(tǒng)的設(shè)計與實(shí)現(xiàn)》由會員上傳分享�,免費(fèi)在線閱讀,更多相關(guān)內(nèi)容在學(xué)術(shù)論文-天天文庫。
1�、北京交通大學(xué)碩士學(xué)位論文基于行為的病毒檢測系統(tǒng)的設(shè)計與實(shí)現(xiàn)姓名:李江濤申請學(xué)位級別:碩士專業(yè):信息安全指導(dǎo)教師:韓臻20080601ABSTRACTABSTRACT:Wimtherapiddevelopmentofcomputertechnology,peoplearesufferingallkindsofsecurityproblemswhileenteringtheinformationstage:networkisinvadedillegally;importantinformationis
2���、alwaysstolenorsystemcrashed.Howtopreventanddetectvirusesisalong-termresearchanddevelopedissueinthefieldofinformationsecurity.Asthedevelopmentofnetworkandtheimprovementoflevelofviruscode��,thetraditionalvirusdetectiontechnologies’shortcomingismoreobvious
3�����、ly,anditisdifficulttomeetthepeople+Sneedsforinformationsecurity.Behavior-basedvirusdetectiontechnologyusestheuniquecharacteristicsofthevirustodetectcomputervirus��;itcandetectunknownvimsessuccessfully.111isvirusdetectiontechnologyCanadapttothenewfeature
4��、sofcomputerviruswell.Undoubtedlyithasatremendoussuperiorityandbroaddevelopmentprospects���,andwillstandforthedevelopmenttrendofvirusdetectiontechnologyforquitealongtime.Weanalyzedthebehaviorcharacteristicsofallkindsofvirusesandimplementedavirusdetections
5、ysteminthispaper.Thesystemisdividedintofourfunctionalmodules:filesystemmonitoringmodule,behaviordetectionmodule��,behavioranalysismoduleandsystemrecoverymodule.Wefirstanalyzedthebehaviorcharacteristicsofallkindsofviruses���,andconstructedthelibraryofvirusb
6、ehaviorcharacteristics.Accordingtothecharacterthatmaliciousbehaviorsaremainlyconcentratedindestroyingtheexecutablefilesorsystemfilesofsomespecifictype�����,aswellastherelevantregistrykeys���,weimplementedthesystembasedonfilefilterdriver,corporationwithapplica
7���、tion.Thedrivermainlyconstructsthevirtualsystemandmonitorsthefilesystem;theapplicationcompletesregistrytesting��;extractingandanalyzingbehaviorsofviruses�;systemrecovery.Finallywetestedthesystem’Sperformanceusingnumbersofvirussamples.KEYWORDS:ViresDetecti
8、on���;BehaviorCharacterization��;VirtualTechnology���;FileFilterDriverCI��。ASSN0:TP309學(xué)位論文版權(quán)使用授權(quán)書本學(xué)位論文作者完全了解北京交通大學(xué)有關(guān)保留���、使用學(xué)位論文的規(guī)定。特授權(quán)北京交通大學(xué)可以將學(xué)位論文的全部或部分內(nèi)容編入有關(guān)數(shù)據(jù)庫進(jìn)行檢索��,并采用影印��、縮印或掃描等復(fù)制手段保存���、匯編以供查閱和借閱����。同意學(xué)校向國家有關(guān)部門或機(jī)構(gòu)送交論文的復(fù)印件和磁盤���。(保密的學(xué)位論文在解密后適用本授權(quán)說明)學(xué)位論文作者簽名:鷹砬諍簽
