| 基于FMEA的应用软件恶意性检查的研究 |
| |
| 引用本文: | 胡乃强,吴灏.基于FMEA的应用软件恶意性检查的研究[J].计算机工程与设计,2007,28(12):2803-2805,2808. |
| |
| 作者姓名: | 胡乃强 吴灏 |
| |
| 作者单位: | 解放军信息工程大学,网络工程系,河南,郑州,450002 |
| |
| 摘 要: | FMEA(失效模式与后果分析)是一种工程开发的重要思想.将FMEA的思想应用到软件恶意性检查之中,针对恶意软件的特点,提出了软件恶意性检测系统的协议及理论,详细设计了软件恶意性检测系统的方案,着重在软件的行为特征检测方面进行了剖析.实现了对于进程信息和网络相关信息的综合分析和异常情况判断,并以内核驱动程序的方式实现了对注册表信息和文件操作的动态监控,达到了比较准确地判断和识别恶意程序的目的,最后给出了一个在实际系统中的应用实例和测试结果.
|
| 关 键 词: | 失效模式与后果分析 恶意软件 异常行为 监控 协议 FMEA 应用软件 检查 研究 based software application checking 测试结果 系统 恶意程序 识别 情况判断 比较 动态监控 文件操作 注册表 内核驱动程序 异常 综合分析 |
| 文章编号: | 1000.-7024(2007)12-2803-03 |
| 修稿时间: | 2006-06-01 |
Research on checking of malicious application software based on FMEA |
| |
| HU Nai-qiang,WU Hao.Research on checking of malicious application software based on FMEA[J].Computer Engineering and Design,2007,28(12):2803-2805,2808. |
| |
| Authors: | HU Nai-qiang WU Hao |
| |
| Affiliation: | Department of Network Technology, Information Engineering University of PLA, Zhengzhou 450002, China |
| |
| Abstract: | FMEA(failure mode and effects analysis) is an important method in project research.The FMEA thought is applied to the software malicious detection,a theory and a protocol of detecting the target software are brought forward and a project is designed carefully in allusion to the malicious software characteristics,especially in the action characteristic after the target software running.It is achieved to analyze the process and net-related information synthetically and to judge the abnormal conditions at the same time.Also,it comes true to monitor the dynamic actions to the registry and the files in the form of kernel drivers.Then,the malicious software is identified more exactly.An application example and test results are given. |
| |
| Keywords: | failure mode and effects analysis malicious software abnormality monitor protocol |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
