| 未知病毒的行为分析和防御 |
| |
| 引用本文: | 恽俊,唐屹,刘磊,唐琰琰.未知病毒的行为分析和防御[J].广州大学学报(自然科学版),2006,5(1):32-36. |
| |
| 作者姓名: | 恽俊 唐屹 刘磊 唐琰琰 |
| |
| 作者单位: | 广州大学,数学与信息科学学院,广东,广州,510006;广州大学,数学与信息科学学院,广东,广州,510006;广州大学,数学与信息科学学院,广东,广州,510006;广州大学,数学与信息科学学院,广东,广州,510006 |
| |
| 摘 要: | 目前大多数反病毒软件只删除病毒文件,不能恢复受损的系统配置.分析病毒行为可以更精确地得出病毒的工作机理,是修复受损系统的重要途径.该文研究病毒和蠕虫在操作系统中的感染特征,得出了检测和防御未知病毒的普遍、快速而有效的方法.提出清除新病毒的行为逆转(BRB)模型,这种模型可通过分析病毒行为自动修复未知病毒对系统的损坏.
|
| 关 键 词: | 计算机病毒 手工杀毒 自动加载 蠕虫 入侵检测 |
| 文章编号: | 1671-4229(2006)01-0032-05 |
| 收稿时间: | 2005-10-31 |
| 修稿时间: | 2005-12-05 |
Methods of behavior analyzing and system recovery on unknown computer viruses |
| |
| YUN Jun,TANG Yi,LIU Lei,TANG Yan-yan.Methods of behavior analyzing and system recovery on unknown computer viruses[J].Journal og Guangzhou University:Natural Science Edition,2006,5(1):32-36. |
| |
| Authors: | YUN Jun TANG Yi LIU Lei TANG Yan-yan |
| |
| Institution: | School of Mathematics and Information Sciences, Guangzhou University, Cuangzhou,510006, China |
| |
| Abstract: | This paper presents how viruses reside and execute on Windows operating systems.Most of current anti-virus software which rely on virus character analysis can be cheated by modifying the virus's relative code. They cannot recover system configurations after virus infection,too.To resolve this problem,a general and effective method was proposed to manually detect and clear the virus,which is the only way to repair the system in some cases.The behavior rolling back(BRB) mode can recover the systems after viruses infection by analyzing the behavior of the unknown viruses. |
| |
| Keywords: | computer virus rootkit autorun worm IDS |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
