检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:祝林 邬江 刘克斌 钟杰 Zhu Lin;Wu Jiang;Liu Kebin;Zhong Jie(CLP Great Wall Internet Security Technology Research Institute(Beijing)Co.,Ltd.,Beijing 100097,China)
机构地区:[1]中电长城网际安全技术研究院(北京)有限公司,北京100097
出 处:《网络安全与数据治理》2024年第12期27-32,共6页CYBER SECURITY AND DATA GOVERNANCE
摘 要:针对当前终端网络安全攻防对抗中未知攻击“防不住”、已知攻击“测不准”的问题,现用“封堵管控”安全机制可被攻击方屏蔽规避,为扭转当前终端安全防护的被动落后现状,亟需在终端安全检测理论、安全检测分析模型与实际应用上实现创新突破。文章将操作系统行为进行了形式化定义,并基于形式化定义设计了操作系统行为分析模型,然后以缓冲区溢出攻击与终端数据泄露攻击为典型示例验证其方法正确性。In response to the problem of unknown attacks being"undetectable"and known attacks being"unpredictable"in current terminal network security attacks and defenses,the current"blocking and control"security mechanism can be blocked or avoided by attackers.In order to reverse the passive backwardness of terminal security protection,it is needful to achieve innovative breakthroughs in terminal security detection theory,security detection analysis models,and practical applications.This study formalized the behavior of the operating system and designed an operating system behavior analysis model based on the formal definition.Then,buffer overflow attacks and terminal data leakage attacks were used as typical examples to verify the correctness of the method.
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.30