关键词: 主机入侵防御系统，移动终端安全，实时监控，云安全

Abstract: Aiming at the demand of the high efficiency and lightweight client of virus prevention for mobile terminal, this paper improved the HIPS by the technology of cloud security to form the cloud monitoring model. Through adding file property judge function and moving rule library and the work of file property judge to the server, the server system occupies was reduced. Through changing the strategy of rule-making, according to different virus set different rules, the complexity of the rules was reduced and the efficiency of rules matching was improved. Through the black and white list technology and a single step dangerous behavior analysis, the cost of communication between the client and server was reduced and the efficiency of file property judge was improved. hhrough changing monitoring mode, changing the active monitoring to passive, the working time was reduced and the working efficiency of the cloud monitoring model was improved. Finally, the formal method proves the security of the cloud monitoring model.

Key words: HIPS, Mobile terminal security, Real-time monitoring, Cloud security