| 基于硬件辅助虚拟化技术的交叉视图进程检测 |
| |
| 引用本文: | 凌冲,吴志勇,孙乐昌,刘京菊. 基于硬件辅助虚拟化技术的交叉视图进程检测[J]. 电子科技, 2010, 23(8): 105-109 |
| |
| 作者姓名: | 凌冲 吴志勇 孙乐昌 刘京菊 |
| |
| 作者单位: | 解放军电子工程学院,网络工程系,安徽,合肥,230037;解放军电子工程学院,网络工程系,安徽,合肥,230037;解放军电子工程学院,网络工程系,安徽,合肥,230037;解放军电子工程学院,网络工程系,安徽,合肥,230037 |
| |
| 基金项目: | 安徽省重点实验室基金资助项目 |
| |
| 摘 要: | 分析了进程隐藏技术和检测技术,对Strider Ghost Buster所使用的交叉视图进程检测技术及相关问题进行了深入研究,结合硬件辅助虚拟化技术,提出了一种新的进程检测技术--HCDP。通过实验结果验证了HCDP的有效性和完整性。
|
| 关 键 词: | 进程检测 交叉视图差异 可信视图 硬件辅助虚拟化 |
Cross-views Process Detection Based on the Hardware-assisted Virtual Machine |
| |
| Ling Chong,Wu Zhiyong,Sun Lechang,Liu Jingju. Cross-views Process Detection Based on the Hardware-assisted Virtual Machine[J]. Electronic Science and Technology, 2010, 23(8): 105-109 |
| |
| Authors: | Ling Chong Wu Zhiyong Sun Lechang Liu Jingju |
| |
| Affiliation: | (Department of Network Engineering,Electronic Engineering Institute,PLA,Hefei 230037,China) |
| |
| Abstract: | The current process hiding and detection technologies are analyzed,and the mechanism of cross-views discrepancy utilized by Strider GhostBuster are studied in detail,and based on Hardware-Assisted Machine a new framework for process detection is proposed,namely HCDP,whose effectiveness and integrality are verified through experiment. |
| |
| Keywords: | process detection cross-views discrepancy trusted view hardware-assisted virtual machine |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《电子科技》浏览原始摘要信息 |
|
点击此处可从《电子科技》下载全文 |
|
