Institutional Repository of the Institute of Software, Chinese Academy of Sciences
Title: A File System for Malware Analysis and Protection
Authors: Liang Hong-Liang; Dong Shou-Ji; Liu Shu-Chang
Keywords: malware; file system; versioning; hook; recovery
Journal: Beijing Youdian Daxue Xuebao/Journal of Beijing University of Posts and Telecommunications
Publication date: 2011
Volume: 34, Issue: 3, Pages: 58-61
Affiliations: (1) School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China; (2) Institute of Software, Chinese Acad. of Sci., Beijing 100190, China; (3) Institute of National Security Science and Technology, Beijing 100044, China; (4) School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China
Abstract (translated from Chinese): To counter increasingly harmful malware, this paper proposes a method that analyzes and defends against malware at the file system layer while keeping its impact as small as possible, and designs and implements a file system for malware analysis and protection (MAPFS). Using file versioning and hooking techniques, the system can record the series of modifications a process makes to the file system over its lifetime. These behavior records serve as an important basis for analyzing malware and can also be used to recover and protect important files that have been damaged. Experimental results show that the method is effective for malware analysis and protection, and that the performance impact of MAPFS is below 10%.
English abstract: Malware and the threats it poses are growing increasingly urgent. A method at the file system level is provided for analyzing and defending against malware while reducing the loss as far as possible, and a file system for malware analysis and protection (MAPFS) is implemented. With check-point and file versioning technology, MAPFS can record the modifications made to the file system during a process's lifetime. These records are important for analyzing malware behavior and may be used to recover files damaged by malware. Experiments show that this method is effective for analysis of and defense against malware, and that MAPFS incurs only a small performance loss, lower than 10 percent.
Language: Chinese
Content type: Journal article
URI: http://ir.iscas.ac.cn/handle/311060/13835
Appears in Collections: National Engineering Research Center for Fundamental Software_Journal Articles

Files in This Item:
File Name: 面向恶意软件分析及保护的文件系统.pdf
File Size: 1106KB
Content Type: --
Version: --
Access: Restricted
License: --

Recommended Citation:
Liang Hong-Liang, Dong Shou-Ji, Liu Shu-Chang. A File System for Malware Analysis and Protection [J]. Beijing Youdian Daxue Xuebao/Journal of Beijing University of Posts and Telecommunications, 2011-01-01, 34(3): 58-61.

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 
