查詢結果分析
來源資料
頁籤選單縮合
題名 | 設計一個適用一般人的主機入侵防禦系統=Design a User-Suited Host Intrusion Prevention System |
---|---|
作者姓名(中文) | 許博學; | 書刊名 | 正修學報 |
卷期 | 22 2009.11[民98.11] |
頁次 | 頁197-209 |
分類號 | 312.76 |
關鍵詞 | 資訊安全; 主機入侵防禦系統; 惡意程式; 開機啟動; Information security; Host intrusion prevention system; Malware; Auto-start; |
語文 | 中文(Chinese) |
中文摘要 | 爲因應零時差攻擊,目前防毒軟體都會結合HIPS的行爲分析技術,訂定規則來檢視異常行爲並且判斷是否爲入侵攻擊。但是一般HIPS普遍存在三項缺失:過高的誤報率、執行效能不佳、與不適合非資訊專長的一般人使用。本論文討論如何設計一個適用於一般人的主機入侵防禦系統,簡稱USHIPS。它具備低誤報率、僅佔用少量電腦資源、以及適合一般人使用等三項特色。USHIPS主要挑戰,在於即時性與全面性偵測開機啟動註冊事件,並且要能夠自動取消註冊,達成阻斷惡意程式入侵的目標。 |
英文摘要 | In order to prevent zero-day attacks, behavior analysis technique in HIPS is integrated into current anti-virus software, and tries hard to identify intrusion by examining anomaly behaviors through multiple rules. But in general, there are three drawbacks in HIPS: high false alarm rate, poor performance, and not suitable for average users who are not IT specialists. Therefore we design a USHIPS (User-Suited Host Intrusion Prevention System) to address these issues. The USHIPS will demonstrate three major features: low false alarm rate, using only small amount of computer resources, and being suitable for average users. Main challenges of the USHIPS are to fulfill function requirements of both real-time and total detection of any auto-start registry event, and the capability of automatic registry cancellation to prevent malware intrusion. |
本系統之摘要資訊系依該期刊論文摘要之資訊為主。