查詢結果分析
來源資料
頁籤選單縮合
題 名 | 實作一個即時啟動監視器=Implementation of a Real-time Startup Monitor |
---|---|
作 者 | 許博學; | 書刊名 | 正修學報 |
卷 期 | 21 2008.11[民97.11] |
頁 次 | 頁77-91 |
分類號 | 312.76 |
關鍵詞 | 電腦安全; 資訊安全; 入侵防禦系統; 惡意程式; 開機啟動; Computer security; Information security; Intrusion protection system; Malware; Auto-start; |
語 文 | 中文(Chinese) |
中文摘要 | 本文著重在描述如何實作一個即時啟動監視器,來達到即時阻擋惡意程式入侵的目標。任何程式一更動登錄執行鍵值企圖將自己設定爲開機啟動程式,啟動監視器便立即察覺發出警訊通知。如果警訊視窗出現時,使用者並未在安裝該程式,就可判斷是被惡意程式入侵;此時使用者點選「否」按鈕,讓啟動監視器取消這項異動,即可避免被惡意程式盤據電腦系統。實作上,主要運用WMI來達成對登錄執行鍵值做即時異動監控的目標。 |
英文摘要 | This manuscript mainly describes how to implement a real-time startup monitor and make it as a real-time malware blocker. The startup monitor will issue a warning dialog to user immediately when a registry run key is changed by some program to make itself auto-start. If the concerned auto-start program is not what the user is currently installing, then the user can intuitively click the "No" button to let startup monitor cancel registry variation and protect computer from being occupied by malware. WMI (Windows Management Instrumentation) is mainly used to achieve the goal of real-time monitoring on changes of registry run keys. |
本系統中英文摘要資訊取自各篇刊載內容。