A Method to Defend File-Attacking

0 IntroductionMalware of information attacking ai ms to steal and de-stroy program and data of user or system,includingTroy horse,virus , worm,spy-ware,and so on. They havecausedinvaluable loss all over the world. Till now,research-ers can not define malware accurately,and have no wayto de-fend unknown malware or malicious applicationsin real-ti me.Anti-virus software adopts special algorithm,andthe keyisidentification of virus . However ,itis a well-known difficul-ty to recognize unknown vir…

A method to defend file-attacking

The paper points out that the deep reason why modern computer system fails to defense malware lies in that user has no right to control the access of information, and proposes an explicit authorization mechanism. Its basic idea is that user explicitly authorizes program the file set it can access, and monitor all file access operations; once program requests to access file out of the authorized file set, refuse it, and this means that the program is malicious or has design errors. Computers based on this novel mechanism can protect information from attacking reliably, and have good software and hardware compatibility. A testing system is presented to validate our theory.