基于细粒度访问控制的勒索软件防御系统设计  被引量:1

Design of Ransomware Defense System Based on Fine-Grained Access Control Scheme

在线阅读下载全文

作  者:朱怡昕 苗张旺 甘静鸿 马存庆[1] ZHU Yixin;MIAO Zhangwang;GAN Jinghong;MA Cunqing(State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China;School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China;National Information Center,Beijing 100045,China;School of Information and Network Security,People’s Public Security University of China,Beijing 100038,China;Network Security Brigade of Taiwan Security Investment Zone Branch of Zhangzhou Public Security Bureau,Zhangzhou 363000,China)

机构地区:[1]中国科学院信息工程研究所信息安全国家重点实验室,北京100085 [2]中国科学院大学网络空间安全学院,北京100049 [3]国家信息中心,北京100045 [4]中国人民公安大学信息网络安全学院,北京100038 [5]漳州市公安局台商投资区分局网安大队,漳州363000

出  处:《信息网络安全》2023年第10期31-38,共8页Netinfo Security

基  金:国家重点研发计划[E250351112]。

摘  要:勒索软件是网络犯罪的主要形式之一,危害着公共社会的安全。当前的防御方案主要通过访问控制,存在授权粒度太粗、权限管理不灵活和无法正确处理异常等缺陷。为了防御勒索软件、保护主机文件资源的安全,文章提出一个基于细粒度访问控制的勒索软件防御方案,该方案包括3个主要功能,首先对文件系统的细粒度动态的访问控制;然后通过上下文的程序意图进行分析;最后对异常进行分级确认。文章实现了方案原型,分析结果表明,该方案可以有效拦截勒索软件的文件行为,并且能够减小勒索软件带来的损失。Ransomware has become one of the most dominant forms of cybercrime,endangering the security of public society.The goal of this paper is to defend against ransomware to protect the security of host file resources,but current defense schemes using access control schemes still have defects such as too coarse authorization granularity,inflexible permission management,and inability to properly handle exceptions.In this paper,a ransomware defense scheme based on fine-grained access control,which includes three main functions,firstly,fine-grained dynamic access control to the file system was proposed.Secondly program intent analysis by context.Finally hierarchical confirmation of exceptions.This paper implements a prototype of the scheme,which can effectively intercept the file behavior of ransomware after analysis and reduce the damage caused by ransomware.

关 键 词:勒索软件防御 访问控制 上下文分析 分级确认 细粒度 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象