共查询到20条相似文献,搜索用时 343 毫秒
1.
针对智能手机因中木马而产生话费给用户带来损失、杀毒软件无法查杀新木马、防火墙等手段不能很好解决木马问题的现状,对木马行为和正常业务行为进行了分析,提出一种基于业务行为特征的安全监控策略,通过对业务模块的认证达到安全监控的目的,有效阻止木马程序的破坏行为。 相似文献
2.
3.
4.
《信息技术》2016,(9):214-218
随着智能手机的快速普及,智能手机恶意APP的数量与日俱增。恶意行为代码的二次复用开发、恶意APP的自动生成技术使得具有恶意行为的APP开发效率大大提高,恶意程序的数量急剧上升,现有的恶意行为特征库分类繁杂、良莠不齐,不利于对恶意APP进行恶意行为分析。一个全面、稳定、可扩展的恶意行为特征库,能有效地提高对恶意行为软件的检测精度,有利于分析恶意行为的不断演化的特征。文中基于APP逆向工程研究提出了一个基于文本挖掘以及信息检索的恶意特征库构建方法,并通过构建恶意行为演化关系树对恶意行为簇之间的演化关系进行了分析,经过实验验证本文提出的构建恶意行为特征库方法对静态分析恶意应用提供了可靠的基础,提高了恶意行为检测精度。 相似文献
5.
提到智能手机的安全防护,人们的第一反应是查杀病毒。的确,智能手机的操作系统为更多的业务应用提供了平台,但是也为病毒程序提供了可乘之机,伴随着智能手机的普及,各种病毒日益泛滥。 相似文献
6.
病毒行为属性中的非典型特征会对病毒识别带来一定干扰,影响最终识别结果的可靠性,为此,提出基于静态行为特征的计算机病毒识别方法研究.利用API调用序列获取病毒在计算机中的行为特征,通过在熵值化处理的特征中加入时钟,确定特征与API操作状态之间的对应关系,得到病毒的静态行为特征,运用数据包线速处理的方式计算出待识别目标的H... 相似文献
7.
《电子技术与软件工程》2016,(18)
随着近年来网络技术的飞速发展,安全问题日益突出,病毒、木马、后门程序等恶意代码层出不穷,重大经济损失事件及重要泄密事件频频发生。传统的代码检查技术主要依靠特征码,静态分析等手段,对分析者的技术要求高,效率较低,难以实现批量检查。针对这些缺点,本文提出一种基于行为分析的木马检测技术,通过记录应用程序的动态行为,综合恶意代码的API调用序列,功能性行为特征、隐藏性行为特征、Rootkit行为特征等作为判别依据,分析其恶意危害性;同时给出详细的分析报告及关键行为记录,方便对恶意代码的手动查杀及深入分析。实验表明本文提出的检测方案能够有效地检测已知或未知的恶意代码,提高木马的检测准确率和检测效率,达到预期的研究目的。 相似文献
8.
9.
10.
本文从计算机病毒更改主机HOSTs文件、修改主机自启动项、篡改主机注册表信息和感染PE文件四个典型的行为特征进行分析,提供一种方便、快捷的病毒识别方案,有助于普通用户提高系统安全维护等级,帮助病毒分析人员锁定病毒目标。 相似文献
11.
文章根据互联网视听节目监测从业人员的工作内容,提出上网行为审计系统的设计并加以实现,系统满足加强互联网信息安全的需求,同时规范上网行为、提高工作效率。系统通过用户准入、上网行为记录、流量控制、终端管理等技术手段,部署了一套完整的上网行为审计系统。本系统旨在解决互联网视听节目监测从业人员访问互联网所衍生的信息安全隐患、工作效率低等问题。 相似文献
12.
A dynamic fair resource allocation scheme is proposed to efficiently support real-time and non-real-time multimedia traffic with guaranteed statistical quality of service (QoS) in the uplink of a wideband code-division multiple access (CDMA) cellular network. The scheme uses the generalized processor sharing (GPS) fair service discipline to allocate uplink channel-resources, taking into account the characteristics of channel fading and intercell interference. In specific, the resource allocated to each traffic flow is proportional to an assigned weighting factor. For real-time traffic, the assigned weighting factor is a constant in order to guarantee the traffic statistical delay bound requirement; for non-real-time traffic, the assigned weighting factor can be adjusted dynamically according to fading, channel states and the traffic statistical fairness bound requirement. Compared with the conventional static-weight scheme, the proposed dynamic-weight scheme achieves capacity gain. A flexible trade-off between the GPS fairness and efficient resource utilization can also be achieved. Analysis and simulation results demonstrate that the proposed scheme enhances radio resource utilization and guarantees statistical QoS under different fairness bound requirements. 相似文献
13.
To alleviate the traffic pressure on roads,reduce the appearance of road congestion,and avoid the occurrence of traffic accidents,a privacy-preserving intelligent monitoring (PPIM) scheme based on intelligent traffic was proposed in combination with the safe and k-nearest neighbor (KNN) algorithm.To ensure the security of traffic data,the data content was randomly divided into independent parts via the secure multi-party computing strategy,and the data components were stored and encrypted separately by non-colluding multi-servers.To improve the accuracy of road condition monitoring,an improved KNN traffic monitoring algorithm was proposed.By virtue of the similarity calculation of data,the correlation value to measure the degree of traffic condition relationship between roads was obtained.And it was integrated with the KNN as the weight coefficient.To speed up the processing of dense data,a series of data security computing protocols were designed,and the data security processing was realized.In addition,real traffic data were used to verify the algorithm.The results show that the improved KNN algorithm is helpful to improve the accuracy of traffic monitoring.The analysis shows that the algorithm can not only guarantee the safety of data but improve the accuracy of traffic monitoring. 相似文献
14.
15.
随着网络信息量的剧增,网络安全问题也日益突出,对目标人群特定上网行为的监测就是一种网络安全意识防范的措施。文中提出一种基于知识库的网络用户行为监测模型,该模型结合快速多模式匹配技术,可以在大流量的网络环境下对知识库中已有的行为特征进行快速、高效、准确的匹配,其优势在于特征知识库可以灵活扩展和控制。该模型在方便管理人员进行管理的同时,也能在高速网络环境下监测网络用户的特定行为。 相似文献
16.
In this paper, we propose a multi-objective traffic engineering scheme using different distribution trees to multicast several flows. The aim is to combine into a single aggregated metric, the following weighting objectives: the maximum link utilization, the hop count, the total bandwidth consumption, and the total end-to-end delay. Moreover, our proposal solves the traffic split ratio for multiple trees. We formulate this multi-objective function as one with Non Linear programming with discontinuous derivatives (DNLP). Results obtained using SNOPT solver show that several weighting objectives are decreased and the maximum link utilization is minimized. The problem is NP-hard, therefore, a novel SPT algorithm is proposed for optimizing the different objectives. The behavior we get using this algorithm is similar to what we get with SNOPT solver. The proposed approach can be applied in MPLS networks by allowing the establishment of explicit routes in multicast events. The main contributions of this paper are the optimization model and the formulation of the multi-objective function; and that the algorithm proposed shows polynomial complexity. 相似文献
17.
基于整个网络的3G安全体制的设计与分析 总被引:7,自引:1,他引:6
首先提出了一个3G网络域内的安全体制,实现了网络域内实体之间的安全信息交互以及认证;在此基础上,进一步提出了一个在整个3GPP范围内的全网络范围内的安全结构,从而实现了UE之间的任意安全通信,并且对此结构的协议、算法和密钥进行了安全性分析,证明其是安全的。 相似文献
18.
针对分布式拒绝服务(distributed denial of service,DDoS)网络攻击知识库研究不足的问题,提出了DDoS攻击恶意行为知识库的构建方法。该知识库基于知识图谱构建,包含恶意流量检测库和网络安全知识库两部分:恶意流量检测库对 DDoS 攻击引发的恶意流量进行检测并分类;网络安全知识库从流量特征和攻击框架对DDoS 攻击恶意行为建模,并对恶意行为进行推理、溯源和反馈。在此基础上基于DDoS 开放威胁信号(DDoS open threat signaling,DOTS)协议搭建分布式知识库,实现分布式节点间的数据传输、DDoS攻击防御与恶意流量缓解功能。实验结果表明,DDoS攻击恶意行为知识库能在多个网关处有效检测和缓解DDoS攻击引发的恶意流量,并具备分布式知识库间的知识更新和推理功能,表现出良好的可扩展性。 相似文献
19.
A MultiCode-CDMA network that is capable of providing quality-of-service guarantees will find widespread application in future wireless multimedia networks. However, providing delay guarantees to time-sensitive traffic in such a network is challenging because its transmission capacity is variable even in the absence of any channel impairment. We propose and evaluate the performance of a novel transmission scheduling scheme that is capable of providing such a delay guarantee in a MultiCode-CDMA network. The proposed scheme drops packets to ensure that delays for all transmitted packets are within the guaranteed target bounds, but packets are dropped in a controlled manner such that the average dropping ratios of a set of time-sensitive flows can be proportionally differentiated according to the assigned weighting factors or shares. We provide extensive simulation results to show the effectiveness of the proposed scheme as well as to study the effects of various parameters on its performance. In particular, we show that it can simultaneously guarantee a delay upper bound and a proportionally differentiated dropping ratio in a fading wireless channel for different traffic loads, peak transmission rates, and weighting factors of individual flows. 相似文献
20.
随着网络技术的快速发展,伴随而来的是愈来愈多的新型网络威胁,传统安全防护体系也濒临失效,基于全流量威胁检测逐渐成为新型威胁检测的有效途径。在实战过程中,依靠传统的分析方式,传统安全设备通常都无法对新型网络威胁的各个阶段进行有效的检测,换个角度来看攻防实战,真相往往隐藏在网络流量中,本文采用网络流量实时采集的思路,通过动态行为分析和网络流量分析技术实现新型网络威胁行为检测,有效解决了新型网络威胁的发现难题。 相似文献
