摘要
针对当前局域网内主机资源监控的不足,设计并实现了一个分布式的主机资源监控系统DHGuard.系统采用了基于树形的安全域控制模型和灵活的监控策略配置,具有很好的可扩展性.在终端Agent实时监控代理端对系统关键资源从内核层过滤驱动进行监控,从而实现了自身的保护机制.
Host resources security protection technology is an effective supplement to the network- based attack defense technology in local area network, such as firewall and IDS. According to the limitations and defects of current host resources monitoring, a distributed host resources monitoring system called DHGuard is designed and implemented, which adopts tree-based secure domain control model, flexible configuration of control strategies, and has a good scalability. For the monitoring of system key resources, real-time terminal Agent achieves it by kernel layer's filter drivers and therefore, implements its own self-protection mechanism.
出处
《重庆工学院学报(自然科学版)》
2009年第12期77-81,97,共6页
Journal of Chongqing Institute of Technology
基金
国家技术创新基金资助项目(08C26214411198)
粤港关键领域重点突破项目(2008A011400010)
关键词
主机资源监控
安全域控制模型
监控策略
监控代理
过滤驱动
host resources monitoring
secure domain control model
control strategy
monitoringAgent
filter driver
