| 基于支持向量机的隐藏进程检测技术研究 |
| |
| 引用本文: | 胡爱杰,徐荣聪. 基于支持向量机的隐藏进程检测技术研究[J]. 福州大学学报(自然科学版), 2012, 40(3): 304-309 |
| |
| 作者姓名: | 胡爱杰 徐荣聪 |
| |
| 作者单位: | 福州大学数学与计算机科学学院 |
| |
| 基金项目: | 国家自然科学基金资助项目(61072080) |
| |
| 摘 要: | 提出一种基于支持向量机的内核关键数据定位方法,通过向量机建立分类器对物理内存中执行体进程进行识别,建构可信进程视图.实验结果表明,该方法克服了现阶段利用操作系统版本信息的进程重构方法的缺陷,更具有通用性.
|
| 关 键 词: | 虚拟化技术 交叉视图 支持向量机 隐藏进程检测 执行体进程 |
The study of hidden process detection technology based on SVM |
| |
| HU Ai-jie,XU Rong-cong. The study of hidden process detection technology based on SVM[J]. Journal of Fuzhou University(Natural Science Edition), 2012, 40(3): 304-309 |
| |
| Authors: | HU Ai-jie XU Rong-cong |
| |
| Affiliation: | (College of Mathematics and Computer Science,Fuzhou University,Fuzhou,Fujian 350108,China) |
| |
| Abstract: | A kernel critical data structure location method based on support vector machine is proposed in this paper.We construct classifier by support vector machine model to classify EPROCESS data structure in raw memory and reconstruct trusted process semantic view.Experimental result shows that the method is more universal,as it overcomes the defect that dependence of operation system version information to reconstruct process semantic view. |
| |
| Keywords: | virtualization cross-view support vector machine hidden process detection EPROCESS |
| 本文献已被 CNKI 等数据库收录! |
| 点击此处可从《福州大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《福州大学学报(自然科学版)》下载免费的PDF全文 |
