Design of Trojan Horse Detecting System-Based on Thread Management and Port Intercepting

Cited by: 3
Abstract: As the Internet becomes part of everyday life, the steady stream of new Trojan horses has become the main threat to network security. Their strong concealment makes them difficult for ordinary detection tools to find. The system discussed here detects Trojan horses by directly scanning the active threads in the system kernel and intercepting the network data traffic of those active threads. It can detect all current types of process-hiding Trojan horses.
Authors: 李蓉, 周维柏
Source: Journal of Gansu Lianhe University: Natural Sciences, 2009, No. 1, pp. 76-78, 82 (4 pages in total)
Funding: Guangdong Province Undergraduate Higher Education Teaching Reform Project (BKJG200765)
Keywords: thread dispatch; process hiding; port intercept; Trojan horse
