| 基于免疫原理的可执行文件签名验证模型的研究 |
| |
| 引用本文: | 李媛圆,吴灏,张涛,林东贵.基于免疫原理的可执行文件签名验证模型的研究[J].微计算机信息,2005(26). |
| |
| 作者姓名: | 李媛圆 吴灏 张涛 林东贵 |
| |
| 作者单位: | 郑州解放军信息工程大学信息工程学院,郑州解放军信息工程大学信息工程学院,郑州解放军信息工程大学信息工程学院,郑州解放军信息工程大学信息工程学院 |
| |
| 基金项目: | 国家863基金资助项目(2003AA146010) |
| |
| 摘 要: | 病毒发现和防治策略是操作系统安全框架的重要组成部分。目前通过特征码匹配进行查杀病毒的方法通常落后于计算机病毒的发展,已经不能满足日益迫切的安全需求。文章根据生物体免疫系统检测病毒的机理,提出了一种对可执行文件签名验证的模型,通过文件签名界定“自我”和“非我”,并以此为依据完成系统中恶意代码的发现。最后介绍了在Windows操作系统下开发的基于可执行文件签名验证模型的病毒检测系统。
|
| 关 键 词: | 免疫 病毒 可执行文件 签名 验证 |
Research on the signature and verification model of Portable Executable file based on the principle of immune |
| |
| Li,Yuanyuan Wu,Hao Zhang,Tao Lin,Donggui.Research on the signature and verification model of Portable Executable file based on the principle of immune[J].Control & Automation,2005(26). |
| |
| Authors: | Li Yuanyuan Wu Hao Zhang Tao Lin Donggui |
| |
| Affiliation: | (Information Engineering College of PLA,Informa- tion Engineering University,Zhengzhou 450002)Li,Yuanyuan Wu,Hao Zhang,Tao Lin,Donggui |
| |
| Abstract: | The policy of virus detection and prevention is an im- portance aspect of the safe frame in operating system. The method of pattern matching to detect and kill viruses is general- ly beyond the development of computer viruses at present, and couldn' t meet the ever imminent needs of security. In this pa- per according to the principle of the viruses detection of the bio- logical immune system, a kind of portable executable file' s signature and verification model is put forward, and this method defines self and non- self by the file signature, which could be used to find the malice code in the system. At last a viruses detection system based on the model of portable executable file ' s signature and verification is introduced under the operate system of Windows in this paper. |
| |
| Keywords: | immunity virus portable executable file signa- ture verification |
| 本文献已被 CNKI 等数据库收录! |
|
