| 人工免疫机制在木马检测系统中的应用研究 |
| |
| 引用本文: | 陈雷霆,张亮.人工免疫机制在木马检测系统中的应用研究[J].电子科技大学学报(自然科学版),2005,34(2):221-224. |
| |
| 作者姓名: | 陈雷霆 张亮 |
| |
| 作者单位: | 电子科技大学计算机科学与工程学院,成都,610054;电子科技大学计算机科学与工程学院,成都,610054 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划),四川省科技攻关项目 |
| |
| 摘 要: | 指出了当前反病毒软件在检测未知木马方面的不足,介绍了人工免疫系统在反病毒软件自适应性方面的优点,以及人工免疫机制在木马检测方面的可行性;通过对木马新技术的分析,用一个木马模型证明了现在计算机安全体系的不足,提出将木马检测从反病毒软件中迁移到免疫型入侵检测系统中作为子系统,利用其免疫机制来提高木马检测的自适应能力;并同时提出了依据进程的系统资源使用状况来映射进程的系统调用的行为模式,以此建立了基于人工免疫机制的木马检测模型。
|
| 关 键 词: | 网络安全 人工免疫 特洛伊木马 入侵检测 |
| 收稿时间: | 2004-05-13 |
Research of Trojan Detection System Based on Artificial Immune |
| |
| CHEN Lei-ting,ZHANG Liang.Research of Trojan Detection System Based on Artificial Immune[J].Journal of University of Electronic Science and Technology of China,2005,34(2):221-224. |
| |
| Authors: | CHEN Lei-ting ZHANG Liang |
| |
| Affiliation: | 1.School of Computer Science and Engineering,UEST of China Chengdu 610054 |
| |
| Abstract: | This paper points out the deficiency in detecting the unknown Trojan horse of the present anti-virus software at first, introduces the advantage of artificial immune system in self-adaptability aspect, and points out the feasibility of artificial immunity mechanism in Trojan horses detection; Then through an analysis about the new technology of Trojan horses, proves the deficiency of current computer security system with a Trojan horses model, presents the transfer of Trojan horses detection from the anti-virus software to the subsystem of immune IDS, improves the self-adaptive capacity of Trojan horses detection with its immune mechanism; Finally, a behavior mode is put forward, which is mapped from the using situation of process systematic resource to the process systematic call, and by this means, a Trojan horse detection model based on artificial immunity mechanism is set up. |
| |
| Keywords: | |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《电子科技大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《电子科技大学学报(自然科学版)》下载全文 |
|
