| 基于Linux的未知木马检测系统研究及实现 |
| |
| 引用本文: | 张晛譞,范明钰.基于Linux的未知木马检测系统研究及实现[J].计算机安全,2010(5):1-3. |
| |
| 作者姓名: | 张晛譞 范明钰 |
| |
| 作者单位: | 电子科技大学,计算机学院,四川,成都,610054 |
| |
| 基金项目: | 国家863项目(2009AA01Z403);;国家863项目(2009AA01Z435) |
| |
| 摘 要: | 针对传统木马检测方法对未知木马识别能力低下的缺陷,结合行为监控和人工免疫学,建立并实现了一个基于Linux的未知木马检测系统。该系统具备自主检测和自学习功能,结合内容检测,利用网络监控检测局域网内部计算机的木马存在情况。实验测试表明,该系统降低了检测的漏报率,具有良好的检测效果。
|
| 关 键 词: | 未知木马检测 行为监控 网络监控 内容检测 |
Unknown Trojan Linux-based Detection System Research and Realization |
| |
| ZHANG Xian-xuan,FAN Ming-yu.Unknown Trojan Linux-based Detection System Research and Realization[J].Network & Computer Security,2010(5):1-3. |
| |
| Authors: | ZHANG Xian-xuan FAN Ming-yu |
| |
| Affiliation: | School of Computer Science and Engineering;University of Electronic Science and Technology of China;Chengdu;Sichuan 610054;China |
| |
| Abstract: | According to the defects of the traditional technology of the detection of the Trojan,combination of behavior monitoring and artificial immune,established and implemented a Linux-based detection system of unknown Trojan.The system has self-monitoring and self-learning function,combined with content inspection,used within the LAN network monitoring detected the presence of local area network computer Trojan horse.Experimental tests show that the system reduces the omission rate,have good detection results. |
| |
| Keywords: | unknown Trojan detection behavior monitoring Network Monitoring content inspection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
