Authors: 陈利跃 (CHEN Liyue); 孙歆 (SUN Xin); 成天晟 (CHENG Tiansheng); 吴春明 (WU Chunming) [3]; 陈双喜 (CHEN Shuangxi) [3,4] (State Grid Zhejiang Electric Power Co., Ltd., Hangzhou 310027, China; State Grid Zhejiang Electric Power Co., Ltd. Research Institute, Hangzhou 310027, China; Zhejiang University, Hangzhou 310058, China; Jiaxing Vocational and Technical College, Jiaxing 314036, China)
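Affiliations: [1] State Grid Zhejiang Electric Power Co., Ltd., Hangzhou 310027, Zhejiang, China; [2] State Grid Zhejiang Electric Power Co., Ltd. Electric Power Research Institute, Hangzhou 310027, Zhejiang, China; [3] Zhejiang University, Hangzhou 310058, Zhejiang, China; [4] Jiaxing Vocational and Technical College, Jiaxing 314036, Zhejiang, China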
Source: 《电信科学》 (Telecommunications Science), 2020, No. 5, pp. 39-46, 8 pages in total
Funding: State Grid Corporation headquarters science and technology project (No. 52110118001F).
Abstract: Rootkit is a persistent and stealthy attack technique that hides attack behavior and backdoor traces by modifying operating system software or the kernel and changing the execution path of instructions. First, the basic definition and evolution of Rootkit are introduced; then the working principle, current mainstream techniques and detection methods of Rootkit are discussed. Next, through comparative experiments on security and performance, the application of a mimic Web defense system built on the dynamic heterogeneous redundancy (DHR) architecture under Trojan horse attack is described. The experimental results show that the mimic Web defense system can effectively defend against Trojan horse attacks at low overhead. Finally, the opportunities and challenges the system faces in the current environment are summarized.
Classification number: TP393 [Automation and Computer Technology: Computer Application Technology]