| 基于Windows环境下的进程保护技术的研究与实现 |
| |
| 引用本文: | 马金鑫,袁丁. 基于Windows环境下的进程保护技术的研究与实现[J]. 计算机应用与软件, 2010, 27(3): 18-21 |
| |
| 作者姓名: | 马金鑫 袁丁 |
| |
| 作者单位: | 四川师范大学计算机科学学院,四川,成都,610101 |
| |
| 基金项目: | 国家自然科学基金项目(60473030);;四川省科技厅科技攻关项目(05GG007-008) |
| |
| 摘 要: | 进程保护技术可以保护一个进程不被非法操作关闭来保证进程的正常运行,这种技术在信息安全的主机防护领域具有其不可替代的作用。进程保护技术可以应用于安全系统、杀毒软件自保护等方面,具有重要的研究价值。通过展开讨论API钩子技术和三线程保护技术的方式,来对进程保护常有的技术作出详细的阐述,并且提供了实现的方法。最后提出把这两种技术结合起来使用的新思路,以达到实现进程保护的最大可靠性。
|
| 关 键 词: | HOOKAPI PE 三线程保护 代码注入 |
ON PROCESS-PROTECTING BASED ON WINDOWS AND ITS IMPLEMENTATION |
| |
| Ma Jinxin,Yuan Ding. ON PROCESS-PROTECTING BASED ON WINDOWS AND ITS IMPLEMENTATION[J]. Computer Applications and Software, 2010, 27(3): 18-21 |
| |
| Authors: | Ma Jinxin Yuan Ding |
| |
| Affiliation: | School of Computer Science/a>;Sichuan Normal University/a>;Chengdu 610101/a>;Sichuan/a>;China |
| |
| Abstract: | Process-protecting technology can protect a process from shutting down by illegal operation,it plays an irreplaceable role in host protection field of the information security.The process-protecting technology can be used in self-protecting of security systems and antivirus software,and has significant research value.The paper expounds the frequently used technology in process protection area by discussing API-Hook and three-thread-protecting technologies and advances the implementation approaches of them.A... |
| |
| Keywords: | HOOKAPI PE Three-thread-protecting Code injection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
