检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]海军参谋部,北京 [2]海军工程大学信息安全系,湖北 武汉
出 处:《计算机科学与应用》2022年第8期1887-1894,共8页Computer Science and Application
摘 要:针对企业计算机终端和信息系统面临诸多内部安全风险,尤其是内部人员误操作和恶意篡改所带来的安全威胁,基于Windows系统的钩子技术,设计并实现Windows平台的终端安全监管系统。系统通过钩子技术监听键盘和鼠标操作,以用户输入口令敲击键盘时独特的韵律来强化身份认证,对用户的行为进行完善记录,实现操作回放和逆向解析,并具备文档和系统配置的篡改检测与自动恢复功能,对内部人员攻击有较好的防范效果。测试表明,韵律密码可显著提升对口令泄露和冒名登录的防御能力,系统能正确记录并解析用户操作行为,对常见的篡改手段能自动恢复。In view of the internal security risks faced by computer terminals and information systems in en-terprise, especially the security threats caused by internal personnel misoperation and malicious tampering, a terminal security supervision system based on the hook technology for Windows platform is designed and implemented. The keyboard and mouse operations are monitored through hook technology, which strengthens identity authentication with the unique rhythm of users when inputting the password through keyboard. The user’s behaviors are perfectly recorded, and the operation playback and reverse analysis are realized. Also, tampering with documents and system configurations can be detected and automatically recovered, which has a good preventive effect against internal personnel attacks. Tests showed that the rhythm password can significantly improve the defense ability against password disclosure and fake login. The system can correctly record and analyze the user’s operations, and common tampering can be automatically recovered.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.198