| 高速网络环境下恶意代码的监测技术 |
| |
| 引用本文: | 张鑫,张健.高速网络环境下恶意代码的监测技术[J].信息网络安全,2010(11):57-59. |
| |
| 作者姓名: | 张鑫 张健 |
| |
| 作者单位: | 国家计算机病毒应急处理中心,天津300457 |
| |
| 摘 要: | 高速网络环境下恶意代码的监测技术是实现对计算机病毒和网络攻击事件动态监测、应急处置的重要手段,是有效防范计算机病毒传播、及时发现重大网络攻击事件苗头的重要措施,进一步增强了我国互联网络信息安全的整体防御能力。通过高速网络环境下恶意代码的监测技术,可以掌握我国各个地区的网络病毒传播情况,可以为信息安全主管机关提供准确的病毒疫情。开发过程中主要技术包括零拷贝报文捕获技术;采取多线程TCP/IP协议栈的方法来提高系统的整体性能;基于大流量的未知恶意代码检测技术。
|
| 关 键 词: | 预警监测 零拷贝 多线程 |
Monitoring of malicious code in High-speed network |
| |
| Zhang Xin,Zhang Jian.Monitoring of malicious code in High-speed network[J].Netinfo Security,2010(11):57-59. |
| |
| Authors: | Zhang Xin Zhang Jian |
| |
| Affiliation: | ( National Computer Virus Emergency Response Centre, Tianjing 300457, China ) |
| |
| Abstract: | Monitoring of malicious code in High-speed network is an all-round solution target with the virus and attack event. It improves the defence in network security of our nation. The information of virus distribution in each area of nation could be acquired through this technology. A technology of Zero Copy data capture is applied in our development. In addition, multi-thread TCP/IP stack is used to improve the performance of the system. Uknown malicious code detection based on traffic is also included. |
| |
| Keywords: | Warning detection Zero-Copy multi-thread |
| 本文献已被 维普 万方数据 等数据库收录! |
|
