微型机与应用
微型機與應用
미형궤여응용
MICROCOMPUTER & ITS APPLICATIONS
2015年
10期
4-6,12
,共4页
进程隐藏%信息隐藏%进程守护%远程线程注入%可移动存储设备
進程隱藏%信息隱藏%進程守護%遠程線程註入%可移動存儲設備
진정은장%신식은장%진정수호%원정선정주입%가이동존저설비
process hiding%information hiding%process maintaining%remote thread inject%removable storage device
可移动存储设备管理系统在运行时会面临攻击者采用任务管理器或第三方工具强行关闭的攻击,可能导致应用程序无法正常运行。为解决这类应用程序安全运行的问题,提出一种融合进程隐藏和进程守护技术的可移动存储设备管理系统安全运行方案。该方案利用改进的远程线程注入技术提高系统隐蔽性,利用双守护进程的两级监控体系提高系统健壮性,从而达到维护程序安全运行的目的。应用结果表明,该方案能够很好地抵抗强行关闭攻击。
可移動存儲設備管理繫統在運行時會麵臨攻擊者採用任務管理器或第三方工具彊行關閉的攻擊,可能導緻應用程序無法正常運行。為解決這類應用程序安全運行的問題,提齣一種融閤進程隱藏和進程守護技術的可移動存儲設備管理繫統安全運行方案。該方案利用改進的遠程線程註入技術提高繫統隱蔽性,利用雙守護進程的兩級鑑控體繫提高繫統健壯性,從而達到維護程序安全運行的目的。應用結果錶明,該方案能夠很好地牴抗彊行關閉攻擊。
가이동존저설비관리계통재운행시회면림공격자채용임무관리기혹제삼방공구강행관폐적공격,가능도치응용정서무법정상운행。위해결저류응용정서안전운행적문제,제출일충융합진정은장화진정수호기술적가이동존저설비관리계통안전운행방안。해방안이용개진적원정선정주입기술제고계통은폐성,이용쌍수호진정적량급감공체계제고계통건장성,종이체도유호정서안전운행적목적。응용결과표명,해방안능구흔호지저항강행관폐공격。
The removable storage device management system would be subject to force closing attack such as using task manager or third-party tools during runtime which could cause the system not to run. To cope with these system safe running problems, an integration of process hiding and process maintaining safe running method of removable storage device management system is proposed. Using modified remote thread inject technology to improve system stealthiness , using two monitoring system based on double process maintaining to improve system robustness, and then the system can run safely. Finally, application results show that the mothed can resist force closing attack effectively.
