共查询到20条相似文献,搜索用时 203 毫秒
1.
木马隐藏技术的研究与分析 总被引:1,自引:0,他引:1
以WINDOWS系统环境为基础,分析了常见的木马隐藏技术及其特点,并给出了部分技术的实现原理。首先分析了单一木马程序的常见隐藏技术,然后根据Harold Thimbleby提出的木马模型和木马协同隐藏思想,提出了一种基于动态星型结构的木马协同隐藏模型,该模型展现了基于多木马结构的协同隐藏思想,通过采用代理方式通信,提高了各木马程序的隐蔽性和生存周期,增加了追查木马程序控制端地址的难度。 相似文献
2.
当今流行的木马程序开始采用隐蔽通信技术绕过蜜罐系统的检测。首先介绍木马常用的隐蔽通信技术以及越来越流行的内核层Rootkit隐蔽通信技术,并讨论了现阶段客户端蜜罐对于恶意程序的检测方式。针对蜜罐网络通信检测机制的不足,提出了一种有效的改进方案,使用基于NDIS中间层驱动的网络数据检测技术来获取木马通信数据包。该方案能够有效检测基于网络驱动的Rootkit隐蔽通信,提取木马关键通信信息,以进行对木马行为的跟踪和分析。 相似文献
3.
内核级木马隐藏技术研究与实践 总被引:9,自引:0,他引:9
文章通过对现有Linux下的内核级木马的隐藏和检测技术的分析研究,讨论了有关的隐藏和检测技术,并在此基础上实现了一个内核级木马。通过实验测试,该木马达到了较好的隐藏效果,可以避过目前大多数检测工具的检测。 相似文献
4.
5.
木马的植入与隐藏技术分析 总被引:8,自引:1,他引:7
论文首先介绍了木马的定义,概括了木马的特征——隐蔽性、欺骗性、自启动性和自动恢复性,并简单介绍了木马的结构和功能。随后,从缓冲区溢出、网站挂马、电子邮件、QQ传播等方面介绍了木马的植入技术,重点从通信隐藏、进程隐藏、文件隐藏三个方面介绍了木马的隐藏技术,最后展望了木马技术的发展趋势。 相似文献
6.
基于API HOOK技术的特洛伊木马攻防研究 总被引:1,自引:0,他引:1
文章首先对Windows下的API HOOK技术进行分析研究,并将该技术运用于特洛伊木马的属性隐藏中。然后在此基础上实现了一个基于API HOOK技术的内核级木马。通过实验测试,该木马达到了较好的隐藏效果,可以避开目前大多数检测工具的检测。最后,讨论了基于API HOOK技术的特洛伊木马的检测技术。 相似文献
7.
Rootkit木马隐藏技术分析与检测技术综述 总被引:1,自引:0,他引:1
对Rootkit技术和Windows操作系统内核工作流程作了简要介绍,对Rootkit木马的隐藏技术进行了分析,内容包括删除进程双向链表中的进程对象实现进程隐藏、SSDT表内核挂钩实现进程、文件和注册表键值隐藏和端口隐藏等Rootkit木马的隐藏机理,同时还对通过更改注册表和修改寄存器CR0的写保护位两种方式屏蔽WindowsXP和2003操作系统SSDT表只读属性的技术手段做了简要分析。最后对采用删除进程双项链表上的进程对象、更改内核执行路径和SSDT表内核调用挂钩3种Rootkit隐藏木马的检测技术作了概要性综述。 相似文献
8.
内核级木马是黑客入侵系统后保留后门的重要技术。文章主要分析和讨论了目前Linux下的常见的内核级木马的隐藏方法及其检测原理,重点分析了基于符号执行的模块二进制木马分析方法。 相似文献
9.
Ghost还原系统已经被广泛应用于计算机的系统还原,该技术在使用方便的同时,也存在着安全隐患。文中首先介绍了Ghost映像文件的格式,并阐述其解析的过程和原理。然后在此基础上引出针对Ghost还原系统映像的木马隐蔽驻留技术,并剖析了所实现的Ghost映像文件穿越的命令行工具。该工具读取解析Ghost映像文件,然后往其中写入后门文件来实现木马的隐蔽驻留。最后提出了如何预防和检测利用该方法隐蔽驻留的木马,确保系统还原后的完整和安全。 相似文献
10.
介绍网络隐蔽通道及其识别技术.在对网络隐蔽通道概念、原理和分类进行具体介绍的基础上,提出特征匹配、协议异常分析和行为异常分析三种隐蔽通道检测技术,并具体介绍了一个针对行为异常分析检测技术的典型应用.文中就网络隐蔽通道检测技术提出的三种手段相结合的思路具有较高的实用性和一定的创新性,已在实际应用中取得了较好的效果. 相似文献
11.
High purity organic-tantalum precursors for thin film ALD TaN were synthesized and characterized.Vapor pressure and thermal stability of these precursors were studied.From the vapor pressure analysis,it was found that TBTEMT has a higher vapor pressure than any other published liquid TaN precursor,including TBTDET,TAITMATA,and IPTDET.Thermal stability of the alkyl groups on the precursors was investigated using a 1H NMR technique.The results indicated that the tertbutylimino group is the most stable group on TBTDET and TBTEMT as compared to the dialkylamido groups.Thermal stability of TaN precursors decreased in the following order:TBTDET > PDMAT > TBTEMT.In conclusion,precursor vapor pressure and thermal stability were tuned by making slight variations in the ligand sphere around the metal center. 相似文献
12.
In order to diagnose the laser-produced plasmas, a focusing curved crystal spectrometer has been developed for measuring the X-ray lines radiated from a laser-produced plasmas. The design is based on the fact that the ray emitted from a source located at one focus of an ellipse will converge on the other focus by the reflection of the elliptical surface. The focal length and the eccentricity of the ellipse are 1350 mm and 0.9586, respectively. The spectrometer can be used to measure the X- ray lines in the wavelength range of 0.2-0.37 nm, and a LiF crystal (200) (2d = 0.4027 nm) is used as dispersive element covering Bragg angle from 30° to 67.5°. The spectrometer was tested on Shengnang- Ⅱ which can deliver laser energy of 60-80 J/pulse and the laser wavelength is 0.35 μm. Photographs of spectra including the 1 s2p ^1P1-1s^2 ^1S0 resonance line(w), the 1s2p ^3P2-1s^2 1S0 magnetic quadrupole line(x), the 1s2p ^3P1-1 s^2 ^1S0 intercombination lines(y), the 1 s2p ^3S~1-1 s^2 ^1S0 forbidden line(z) in helium-like Ti Ⅹ Ⅺ and the 1 s2s2p ^2P3/2-1 s622s ^2S1/2 line(q) in lithium-like Ti Ⅹ Ⅹhave been recorded with a X-ray CCD camera. The experimental result shows that the wavelength resolution(λ/△ 2) is above 1000 and the elliptical crystal spectrometer is suitable for X-ray spectroscopy. 相似文献
13.
This paper reviews our recent development of the use of the large-scale pseudopotential method to calculate the electronic structure of semiconductor nanocrystals, such as quantum dots and wires, which often contain tens of thousands of atoms. The calculated size-dependent exciton energies and absorption spectra of quantum dots and wires are in good agreement with experiments. We show that the electronic structure of a nanocrystal can be tuned not only by its size,but also by its shape. Finally,we show that defect properties in quantum dots can be significantly different from those in bulk semiconductors. 相似文献
14.
YUXiao-hua XIANGYu-qun 《半导体技术》2005,30(2):30-32,37
An improving utilization and efficiency of critical equipments in semiconductor wafer fabrication facilities are concerned. Semiconductor manufacturing FAB is one of the most complicated and cost sensitive environments. A good dispatching tool will make big difference in equipment utilization and FAB output as a whole. The equipment in this paper is In-Line DUV Scanner. There are many factors impacting utilization and output on this equipment group. In HMP environment one of the issues is changing of reticule in this area and idle counts due to load unbalance between equipments. Here we'll introduce a rule-based RTD system which aiming at decreasing the number of recipe change and idle counts among a group of scanner equipment in a high-mixed-products FAB. 相似文献
15.
The epi material growth of GaAsSb based DHBTs with InAlAs emitters are investigated using a 4 × 100mm multi-wafer production Riber 49 MBE reactor fully equipped with real-time in-situ sensors including an absorption band edge spectroscope and an optical-based flux monitor. The state-of-the-art hole mobilities are obtained from 100nm thick carbon-doped GaAsSb. A Sb composition variation of less than ± 0.1 atomic percent across a 4 × 100mm platen configuration has been achieved. The large area InAlAs/GaAsSb/InP DHBT device demonstrates excellent DC characteristics,such as BVCEO>6V and a DC current gain of 45 at 1kA/cm2 for an emitter size of 50μm × 50μm. The devices have a 40nm thick GaAsSb base with p-doping of 4. 5 × 1019cm-3 . Devices with an emitter size of 4μm × 30μm have a current gain variation less than 2% across the fully processed 100mm wafer. ft and fmax are over 50GHz,with a power efficiency of 50% ,which are comparable to standard power GaAs HBT results. These results demonstrate the potential application of GaAsSb/InP DHBT for power amplifiers and the feasibility of multi-wafer MBE for mass production of GaAsSb-based HBTs. 相似文献
16.
Meihua Shen Wilfred Pau Nicolas Gani Jianping Wen Shashank Deshmukh Thorsten Lill Jian Zhang Hanming Wu Guqing Xing 《半导体技术》2004,29(8)
This paper presents a brief overview of the Applied Centura(R)DPS(R)system,configured with silicon etch DPS Ⅱ chamber, with emphasis on discussing tuning capability for CD uniformity control. It also presents the studies of etch process chemistry and film integration impact for an overall successful gate patterning development. Discussions will focus on resolutions to key issues, such as CD uniformity, line-edge roughness, and multilayer film etching integration. 相似文献
17.
White organic light-emitting devices based on fac tris(2- phenylpyridine) iridium sensitized 5,6,11,12-tetraphenylnap -hthacene 总被引:1,自引:0,他引:1
We have fabricated the white organic light-emitting devices (WOLEDs) based on 4,4' -bis(2,2 -diphenyl vinyl)-1,1' - biphenyl (DPVBi) and phosphorescence sensitized 5,6,11,12,-tetraphenylnaphthacene (rubrene). The device structure is ITO/2T-NATA (20 nm)/NPBX (20 nm)/CBP: x%Ir(ppy)3:0.5% rubrene (8 nm)/NPBX (5 nm)/DPVBi (30 nm)/Alq(30 nm)/LiF(0.5 nm)/A1. In the devices, DPVBi acts as a blue light-emitting layer, the rubrene is sensitized by a phosphorescent material, fac tris (2-phenylpyridine) iridium [Ir(ppy)3], acts as a yellow light-emitting layer, and N,N' -bis- (1-naphthyl)- N,N' -diphenyl -1, 1' -biphenyl-4,4' -diamine (NPBX) acts as a hole transporting and exciton blocker layer, respectively. When the concentration of Ir (PPY)3 is 6wt%, the maximum luminance is 24960 cd/m^2 at an applied voltage of 15 V, and the maximum luminous efficiency is 5.17 cd/A at an applied voltage of 8 V. 相似文献
18.
Complete approach to automatic identification and subpixel center location for ellipse feature 总被引:1,自引:0,他引:1
XUE Ting WU Bin SUN Mei YE Sheng-hua 《光电子快报》2008,4(1):51-54
To meet the need of automatic image features extraction with high precision in visual inspection, a complete approach to automatic identification and sub-pixel center location for similar-ellipse feature is proposed. In the method, the feature area is identified automatically based on the edge attribute, and the sub-pixel center location is accomplished with the leastsquare algorithm. It shows that the method is valid, practical, and has high precision by experiment. Meanwhile this method can meet the need of instrumentation of visual inspection because of easy realization and without man-machine interaction. 相似文献
19.
20.
We calculate the Langevin noise sources of self-pulsation laser diodes, analyze the effects of active region noise and saturable-absorption region noise on the power fluctuation as well as period fluctuation, and propose a novel method to restrain the noise effects. A visible SIMULINK model is established to simulate the system, The results indicate that the effects of noise in absorption region can be ignored; that with the increase of DC injecting current, the noise effects enhance power jitter, and nevertheless, the period jitter is decreased; and that with external sinusoidal current modulating the self-pulsation laser diode, the noise-induced power jitter and period jitter can be suppressed greatly. This work is valuable for clock recovery in all-optical network. 相似文献