检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]北京交通大学计算机与信息技术学院,北京100044
出 处:《电子学报》2014年第1期119-124,共6页Acta Electronica Sinica
基 金:国家"973"重点基础研究发展计划(No.2007CB307101);教育部高等学校博士学科点专项科研基金(No.20120009110007)
摘 要:与传统的恶意代码检测方式相比,面向虚拟桌面的恶意代码检测方法面临着性能方面的挑战,同一物理服务器上多个虚拟桌面同时开展恶意代码检测使得磁盘等硬件成为严重的IO性能瓶颈.本文提出了一种高效的虚拟桌面恶意代码检测方案,基于母本克隆技术的虚拟桌面恶意代码检测机制(MCIDS),MCIDS根据虚拟桌面系统的特点,通过系统映像网络存储克隆技术以及部署在网络存储系统中的恶意代码引擎减少虚拟桌面系统中的恶意代码检测范围,有效减少恶意代码检测所需的磁盘IO开销;同时MCIDS还克服了传统"Out-of-the-Box"安全检测机制存在的语义差别问题,改善了系统的安全性能.在原型系统上的实验显示该方法在技术上是可行的,与现有方法相比MCIDS具有较好的性能优势.Compared with traditional malicious codes detection mechanisms, detecting malicious codes in virtual desktop system faces serious performance challenge, multiple virtual desktops on a physical server conduct malicious code detection in parallel will face serious bottlenecks in the hardware devices with poor performance, such as hard disks. In this paper, we propose a mali- cious code detection mechanism for virtual desktop system, a malicious code detection mechanism based on mother-clone technology (MCIDS). Based on the characteristics of virtual desktops, MCIDS is designed to reduce the scope of mal-code detection by system image network storage clone technique and the mal-code detection engine deployed in network storage system, and this method effectively decreases the amount of disk I0 operation caused by the detection of malicious codes, so that the performance of the system is improved greatly;In addition, MCIDS overcomes the semantic gap problem which often exists in traditional out-of-the-box securi- ty detection mechanisms. Experiments conducted on the prototype show that our method is technicallyfeasibleand the performance of MCIDS is better than other methods.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.249