摘要
有些计算机病毒和木马一旦进入系统,就会伪装自己,使系统难以觉察。通过对主机文件系统的完整性验证,能有效地拦截系统未 知的病毒和木马。在Windows系统中,使用拦截技术,当可执行程序运行时对其进行拦截,并验证其文件完整性,确保程序未受感染后,才 允许程序执行。利用文件完整性检查防范计算机病毒和木马,具有较好的实时性和主动性。
Some computer viruses and Trojan horses can hide themselves from being discovered by the system once they intrude the system. Checking the integrity of files of the host can hold up unknown viruses and Trojan horses effectively. In Windows systems, when an executable file begins to execute, it will be held up and then be checked to insure it hasn't been infected. The technology, that protects the system from been intruding by viruses and Trojan horses, is real-time and active.
出处
《计算机工程》
CAS
CSCD
北大核心
2004年第B12期578-579,619,共3页
Computer Engineering
关键词
主机入侵检查
文件签名技术
Windows拦截技术
Host-based intrusion detection(HID)
File signature technology
Windows holding-up technology