摘要
随着黑客攻击技术的不断进步,网络安全面临越来越严重的威胁。由于不能确保系统不被黑客攻击,也无法确定用户操作的文件或程序是否含有恶意的代码,因而,及时发现系统中存在的木马程序或者含有恶意代码的文件,是确保系统信息安全的重要途径。目前的许多木马检测软件仅能对已知的木马进行检测,对未知木马却无可奈何。文章在分析和综合当前木马检测技术的基础上,设计并实现了一个在Windows系统中行之有效的木马检测系统,不仅能有效检测已知的木马,还能对未知的木马进行有效的预防,通过对未知木马的特征进行自主式学习,并应用于检测,从而提高木马检测的功能。
As the attacking technology is developing,the security of networks is faced with more and more severe challenge and it is not sure that the operating file or running program has malicious code.How to find and remove the Trojan program is very important to ensure the information security,but many software just can detect known Trojan horse.From analysis and inducement of the current Trojan horse detection technologies,this paper designs and implements a very efficient Trojan horse detection system based on Windows to detect known Trojan horse and learn from preventing unknown Trojan horse to enhance the detection ability.
出处
《计算机工程与应用》
CSCD
北大核心
2005年第25期141-144,共4页
Computer Engineering and Applications
基金
重庆市教委科学技术研究项目(编号:050302)
关键词
木马
检测
预防
自主式学习
Trojan horse,detection,prevention,self-learning