| 基于4级受信机制的可疑终端的恶意代码取证与分析 |
| |
| 引用本文: | 苗得雨,康学斌,肖新光.基于4级受信机制的可疑终端的恶意代码取证与分析[J].电信科学,2011,27(1):105-109. |
| |
| 作者姓名: | 苗得雨 康学斌 肖新光 |
| |
| 作者单位: | 北京安天电子设备有限公司; |
| |
| 基金项目: | 国家“863”计划基金资助项目(No.2009AA01Z436) |
| |
| 摘 要: | 本文分析了传统计算机取证技术在分析恶意代码取证方面的薄弱环节和难点,提出了一个基于4级受信机制的计算机取证分析模型的可疑终端的恶意代码取证方法和以4级受信机制为基础的恶意代码分析原则。阐述了对可疑终端计算机的静态取证手段,并以4级受信体制为例,通过大量数据测试和验证,证明了4级受信应用在可疑终端的恶意代码取证中的可行性、准确率和效率。
|
| 关 键 词: | 4级受信 可疑终端 恶意代码 计算机取证 受信机制 |
Analysis and Forensics of Malware in Suspicious Computer Based on Four Class Trust Model |
| |
| Miao Deyu,Kang Xuebin,Xiao Xinguang.Analysis and Forensics of Malware in Suspicious Computer Based on Four Class Trust Model[J].Telecommunications Science,2011,27(1):105-109. |
| |
| Authors: | Miao Deyu Kang Xuebin Xiao Xinguang |
| |
| Affiliation: | Miao Deyu,Kang Xuebin,Xiao Xinguang(Beijing Antiy Electronic Equipment Co.,Ltd.,Beijing 100084,China) |
| |
| Abstract: | This paper analyzes the weaknesses and difficulties of traditional computer forensics technology in the field of analyzing the malicious code evidentiary,proposes a suspicious computer forensics model based on four class trust mechanism.It describes a static forensics method for the suspicious terminals and by large amounts of experiments,shows the feasibility,accuracy and efficiency of four class trust mechanism in the application of malicious code forensics. |
| |
| Keywords: | four class trust suspicious terminal malicious code computer forensics trust mechanism |
| 本文献已被 CNKI 万方数据 等数据库收录! |
