摘要
随着海量变种及未知恶意病毒的泛滥,采用病毒特征码匹配为核心的反病毒技术已难以实现有效和及时的防御。基于云计算模式,设计了一种恶意代码云主动防御系统产品,采用程序行为跟踪分析、模式识别、智能修复处理、操作系统等6大子系统主动防御技术,实现了智能有效检测、辨识和清除已知与未知的恶意代码的功能。该系统采用P2DR模型,由云客户端软件、云端服务器、管理控制台3部分组成,实现了恶意代码行为捕获及主动防御、恶意代码行为算法分析、全网主机安全态势分析报告等功能,构建了网络主机安全的纵深防御体系。
As we know that it has been increasingly difficult to effectively and timely detect the mass and unknown malicious virus with the conventional virus feature code detection- and matching-based antivirus technologies. Using the cloud computing model, this paper proposes a security cloud active defense system against the malicious codes, on the basis of the program behavior analysis, pattern rec- ognition, intelligent processing, and six sub-systems of operating system with active defense technolo- gy. This scheme can intelligently detect, identify, and remove the known and unknown malicious codes. Our system uses the P2DR model provided by the client software and cloud server, and the management console is composed of three parts. It also includes the functionality of capturing the ma- licious code behaviors for active defense and analyzing the malicious code behaviors, which can offer the security situationanalysis report of the whole network, thus resulting in an efficient security de- fense-in-depth system.
出处
《重庆理工大学学报(自然科学)》
CAS
2014年第5期84-92,共9页
Journal of Chongqing University of Technology:Natural Science
基金
国家科技部科技型中小企业技术创新基金项目(12C26115116106)
关键词
恶意代码
病毒
云主动防御
云安全
malicious code
computer virus
security cloud active defense system
cloud security
