Author: 张乃珩 ZHANG Naihang (Newcastle University, Newcastle NE17RV, United Kingdom)
Source: 《河南科学》 (Henan Science), 2020, Issue 9, pp. 1400-1408, 9 pages
Abstract: Because of its strong concealment and the difficulty of defending against it, BadUSB has become an important threat to the security of cyberspace. This paper proposes a Hypervisor-based method to defend against BadUSB attacks. The method uses the Hypervisor to monitor the enumeration process of USB devices and obtains detailed information about each USB device trying to attach to the host, together with the interfaces it requests. It then decides, based on the device control policy, whether to allow or prohibit the device's continued access, thereby defending against BadUSB attacks that rely on malicious requests for HID and other interfaces. Test results show that this method can effectively monitor and defend against BadUSB attacks with acceptable overhead.
Keywords: USB device; BadUSB attack; access control; Hypervisor
Classification number: TP309.1 [Automation and Computer Technology - Computer System Architecture]