CAJ | 학술논문

系统基于 API 监控原理，针对个人主机资源有限和系统应用相对稳定的特点，按照精简的设计原则，利用Hooking 技术截获 API 调用信息。在行为分析模式上，简化判定规则和执行逻辑，不需要复杂的行为分析算法和过程。系统的优势是具备动态的自动学习功能，通过前期的适应性训练，可以很快地适应用户系统并具备足够的入侵防御能力，对于防御频繁出现的非法访问和各种弹出窗口非常有效。
계통기우 API 감공원리，침대개인주궤자원유한화계통응용상대은정적특점，안조정간적설계원칙，이용Hooking 기술절획 API 조용신식。재행위분석모식상，간화판정규칙화집행라집，불수요복잡적행위분석산법화과정。계통적우세시구비동태적자동학습공능，통과전기적괄응성훈련，가이흔쾌지괄응용호계통병구비족구적입침방어능력，대우방어빈번출현적비법방문화각충탄출창구비상유효。
The system intercepts the API cal information using Hooking technology, according to the design principle of streamlined, in view of the characteristics of individual hosts with limited resources and relatively stable application , based on the principle of API monitoring. In the behavior analysis model the system simplifies the decision rules and execution logic, does not need the complex behavior analysis algorithm and process. The system has an advantage function of automotive learning, through adaptive training early, it can adapt to the user system quickly and have enough intrusion defense capability, and it is very effective for the defense of frequent ilegal access and pop-up window.