
Malicious code defense system based on cloud computing (cited by: 4)
Abstract: To address the problems of traditional host-based malware detection systems (low detect-and-kill capacity, high resource consumption, and vulnerability to attack), a malicious code defense architecture was proposed based on cloud security technology, active defense and multi-agent coordination technology. In this architecture, the malware analysis engine was moved into the cloud and provided as a service, and the client agent kept only lightweight monitoring functions for security state and behavior. The architecture was composed of a monitoring cloud and a detection and analysis cloud. The monitoring cloud, built from massive numbers of client agents, could quickly find unknown malware, and the detection and analysis cloud analyzed and identified malware using distributed processing and multiple cooperating scanning engines. To test the feasibility and effectiveness of the system, 6 835 malware samples were used in comparative experiments against the traditional model; the system achieved a detection rate of 97.3% and a CPU occupancy rate of no more than 29%. Compared with the traditional model, the proposed architecture provides higher detect-and-kill capacity and lower resource consumption on the end user's terminal.
Source: Journal of Huazhong University of Science and Technology (Natural Science Edition), 2016, No. 7, pp. 57-62 (6 pages). Indexed in: EI, CAS, CSCD, PKU Core.

Funding: National Defense Basic Scientific Research Program (B0420132604)

Keywords: cloud computing; cloud security; malicious code detection; host security; anti-virus