| 基于线程管理-端口截听的木马检测系统的设计 |
| |
| 引用本文: | 李蓉,周维柏.基于线程管理-端口截听的木马检测系统的设计[J].甘肃联合大学学报(自然科学版),2009,23(1). |
| |
| 作者姓名: | 李蓉 周维柏 |
| |
| 作者单位: | 华南师范大学,增城学院,广东,广州,511363 |
| |
| 基金项目: | 广东省本科高等教育教学改革项目 |
| |
| 摘 要: | 随着互联网越来越生活化,层出不穷的木马已是网络安全的主要威胁,其隐蔽性很强,使一般检测工具难以检测.本系统通过直接扫描系统内核中的活动线程以及截拦活动线程的网络数据流量来进行木马的检测.可以检测出当前所有类型的进程隐藏木马.
|
| 关 键 词: | 线程调度 进程隐藏 端口截听 木马 |
Design of Trojan Horse Detecting System-Based on Thread Management and Port Intercepting |
| |
| LI Rong,ZHOU Wei-bai.Design of Trojan Horse Detecting System-Based on Thread Management and Port Intercepting[J].Journal of Gansu Lianhe University :Natural Sciences,2009,23(1). |
| |
| Authors: | LI Rong ZHOU Wei-bai |
| |
| Institution: | Zengcheng College of South China Normal University;Guangzhou 511363;China |
| |
| Abstract: | With internet widely used in our daily life,the Trojan horses are emerging one after another and have become the main threat of network security.The deep hiding of the Trojan horses makes it difficult to detect them with ordinary tools.But this system discussed here can detect the Trojan horses by means of directly scanning active threads in system kernel and intercepting the network data flow of the active threads to find all types of current hidden processes. |
| |
| Keywords: | thread dispatch process hiding port intercept Trojan horse |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
