摘要
在Policy(策略)、Protection(防护)、Detection(检测)和Response(响应)安全模型(简称P2DR)的基础上,论述了内部网文件监控审计系统的设计和实现.在系统监控端上,利用木马的"隐蔽性",实现了在Win2002系统中的进程隐藏和通信隐藏.在文件监控上,分析了P2DR安全模型及其理论体系,从防护、检测、响应三个方面论述了内部网文件监控审计系统对数据进行全方位安全保护机制,它具有快捷的检测响应速度和良好的安全性能.
On the basis of the P2DR network security model,the paper discusses design and implementation of the Inner Network Files Monitor & Audit System.In the inner network,the NFMAS monitors the behaviors of network based on the centralized management and distributed control,and provide the audit for the behaviors.For the design and realization of the monitoring end,studies focus on the technology of concealment about Trojan horse.Process-concealment and communication concealment in Win2002 system are realized in ...
出处
《邯郸学院学报》
2009年第3期69-72,共4页
Journal of Handan University
