检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]北京大学软件与微电子学院信息安全系,北京102600
出 处:《信息网络安全》2009年第5期44-46,共3页Netinfo Security
摘 要:如何保证涉密网络信息保密的问题一直受到政府、军队、航天等涉及国家秘密的行业所关注。在软件层次对计算机用户进行监控是一个较好的解决方案。这篇文章提出并实现了基于Winsock2 SPI框架的网络监控自我保护方案。监控程序本身的自我保护技术是保证网络监控抵抗非法用户攻击的关键。基于这种方案的网络监控程序能够将监控线程同系统关键进程进行绑定,既实现了程序的进程隐藏,又能够防止高级非法用户强制关闭监控程序,并且能够同Rootkit技术等其他相结合共同提高程序自我保护性能。The problem that how to protect the information without divulging in a secret-related network in terms of departments of government, army and energy is always be regarded by people. It is a good way to solve this problem by monitoring the computer user in the secret-related network using software. This paper presents and implements a self-protection scheme for network monitor program based on Winsock2 SPI Framework. The self-protection technology of the network monitor is the key point that protects the network monitor from being attacked by illegal users. The network monitor program based on this scheme can bind itself with the critical system process to hide the monitor process itself and protected itself being shut down or delete by senior attacker, besides, this technology can work with other technologies like rootkit to improve the performance of the monitor program.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.191.89.16