计算机技术与发展
計算機技術與髮展
계산궤기술여발전
COMPUTER TECHNOLOGY AND DEVELOPMENT
2013年
12期
151-154,160
,共5页
USB可移动存储设备%文件系统过滤驱动%文件监控
USB可移動存儲設備%文件繫統過濾驅動%文件鑑控
USB가이동존저설비%문건계통과려구동%문건감공
USB removable storage device%filter driver of file system%file monitor
针对USB可移动存储设备日益成为越来越多的病毒、木马的主要攻击对象,尤其是窃密木马等会扫描接入系统的USB可移动存储设备并将机密文件秘密地复制并通过网络发送出去,造成严重的安全隐患的问题,文中在微软文件系统过滤驱动开发模型Sfilter的基础上,设计开发了一款USB可移动存储设备监控软件,通过截获对于USB可移动存储设备内文件操作的IRP( I/O Request Packet),分析出相应的文件操作类型,对截获到的IRP进行不同的处理,实现了可控的安全进程规则与防拷贝功能,并结合相应的日志显示最终保证了USB可移动存储设备内文件的安全性。经过实验测试,软件系统运行正常,能够有效监控USB可移动存储设备内文件的访问和存取等操作。
針對USB可移動存儲設備日益成為越來越多的病毒、木馬的主要攻擊對象,尤其是竊密木馬等會掃描接入繫統的USB可移動存儲設備併將機密文件祕密地複製併通過網絡髮送齣去,造成嚴重的安全隱患的問題,文中在微軟文件繫統過濾驅動開髮模型Sfilter的基礎上,設計開髮瞭一款USB可移動存儲設備鑑控軟件,通過截穫對于USB可移動存儲設備內文件操作的IRP( I/O Request Packet),分析齣相應的文件操作類型,對截穫到的IRP進行不同的處理,實現瞭可控的安全進程規則與防拷貝功能,併結閤相應的日誌顯示最終保證瞭USB可移動存儲設備內文件的安全性。經過實驗測試,軟件繫統運行正常,能夠有效鑑控USB可移動存儲設備內文件的訪問和存取等操作。
침대USB가이동존저설비일익성위월래월다적병독、목마적주요공격대상,우기시절밀목마등회소묘접입계통적USB가이동존저설비병장궤밀문건비밀지복제병통과망락발송출거,조성엄중적안전은환적문제,문중재미연문건계통과려구동개발모형Sfilter적기출상,설계개발료일관USB가이동존저설비감공연건,통과절획대우USB가이동존저설비내문건조작적IRP( I/O Request Packet),분석출상응적문건조작류형,대절획도적IRP진행불동적처리,실현료가공적안전진정규칙여방고패공능,병결합상응적일지현시최종보증료USB가이동존저설비내문건적안전성。경과실험측시,연건계통운행정상,능구유효감공USB가이동존저설비내문건적방문화존취등조작。
Aiming at the problem that the USB portable storage devices have been considered as one of the chief attacking targets by an increasing number of computer viruses and Trojans,some of which can even scan for the available USB device,sneakingly copying its se-cret documents and then spreading them with network,finally triggering serious security issues,based on Sfilter,the filtering driver proto-type of Microsoft file system,develop a USB monitor software whose functions by intercepting various IRP ( I/O Request Packet) of the USB device are to work out the corresponding file operation types and take relevant reactions. The system supports custom-made security process rules,achieves anti-copying and guarantees the security of the USB device by showing the logs. The experiment shows that the system works well and is able to effectively supervise the accessing to the files in USB device.
