计算机科学 ›› 2016, Vol. 43 ›› Issue (Z6): 348-352.doi: 10.11896/j.issn.1002-137X.2016.6A.083
朱智强,赵志远,孙磊,杨杰
ZHU Zhi-qiang, ZHAO Zhi-yuan, SUN Lei and YANG Jie
摘要: 针对现有虚拟化环境下Rootkit检测技术易被绕过、性能开销大的问题,提出了虚拟化环境下基于职能分离的检测系统架构XenMatrix,其在保证检测系统透明性的同时提高了自身的安全性;设计了检测频率的自适应调整策略,实现了Rootkit检测频率的动态调整,有效降低了系统的性能开销。最后对实验结果的分析表明,相比现有检测技术,该原型系统能够有效检测Rookit,具有较高的检测率和较低的性能开销。
| [1] Kale V.Guide to Cloud Computing for Business and Technology Managers:From Distributed Computing to Cloudware Applications[M].CRC Press,2014 [2] 石磊,邹德清,金海,等.Xen虚拟化技术[M].武汉:华中科技大学出版社,2009 [3] 陈祝红.Xen虚拟化平台下入侵检测系统研究与实现[D].合肥:中国科学技术大学,2013 [4] Jones S T,Arpaci-Dusseau A C,Arpaci-Dusseau R H.Antfarm:Tracking Processes in a Virtual Machine Environment[C]∥USENIX Annual Technical Conference.General Track,2006:1-14 [5] Chen L,Liu B,Zhang J,et al.An advanced method of process reconstruction based on VMM[C]∥2011 International Confe-rence on Computer Science and Network Technology (ICCSNT).IEEE,2011,2:987-992 [6] 陈林.基于虚拟机的恶意代码检测关键技术研究[D].长沙:国防科学技术大学,2012 [7] 芦天亮.基于人工免疫系统的恶意代码检测技术研究 [D].北京:北京邮电大学,2013 [8] Dastanpour A,Ibrahim S,Mashinchi R.Using Genetic Algo-rithm to Supporting Artificial Neural Network for Intrusion Detection System[C]∥The International Conference on Computer Security and Digital Investigation (ComSec2014).The Society of Digital Information and Wireless Communication,2014:1-13 [9] Negnevitsky M.Artificial intelligence:a guide to intelligent systems[M].Pearson Education,2005 [10] Negnevitsky M.Artificial intelligence:a guide to intelligent systems[M].Pearson Education,2005 [11] 陈易,张杭,胡航.基于 BP 神经网络的协作频谱感知技术[J].计算机科学,2015,42(2):43-45,64 [12] 陈友,程学旗,李洋,等.基于特征选择的轻量级入侵检测系统[J].软件学报,2007,18(7):1639-1651 |
| No related articles found! |
|
||
首页