摘要
恶意网页是指包含恶意脚本的网页,恶意脚本可通过修改用户计算机的注册表和加载木马等形式进行各种破坏活动,其危害性日趋严重。为防止恶意网页所带来的危害,保护用户计算机安全,设计了一种恶意网页防护系统,该系统从两个技术环节对恶意网页进行防御。首先从浏览器获得网页地址,抢先读取网页源代码,并以特征码分析法阻止恶意脚本的执行;接着监控注册表的修改行为,阻止恶意脚本修改注册表以获得控制权。两个环节相辅相成,共同构成较为完善的防护体系。实践表明,该系统对恶意网页具有较好的防护效果。
Malicious web page is a page that includes malicious scripts, and malicious scripts will destroy user' s computer system by means of revising registry or injecting Trojans. The harm of malicious web pages to computers is more and more serious. In order to protect user's computer system from malicious web pages, a defending system is designed and realized. The system holds back malicious web pages by two technology links. First of all, it gets the source code of a web from browser and carries on analyzing by the way of condition code. If it finds out malicious scripts in the web, it will prevent them from running. And then, the system will monitor the registry,and prevent it from being revised by malicious scripts. The two links supplement each other to constitute a comparatively perfect defending system. Practice has showed that the system has good effect in defending malicious web pages.
出处
《计算机技术与发展》
2009年第5期154-157,共4页
Computer Technology and Development
基金
海南省教育科研项目(Hj200724)
关键词
恶意网页
浏览器监控
注册表监控
钩子
线程
malicious web page
browser monitoring
registry monitoring
hook
thread