| 基于内核机制的非法连接监控研究与设计 |
| |
| 引用本文: | 钱廷发,黄皓.基于内核机制的非法连接监控研究与设计[J].计算机工程与设计,2010,31(6). |
| |
| 作者姓名: | 钱廷发 黄皓 |
| |
| 作者单位: | 南京大学软件新技术国家重点实验室,江苏,南京,210093;南京大学计算机科学与技术系,江苏,南京,210093 |
| |
| 基金项目: | 国家自然科学基金项目,国家863高技术研究发展计划基金项目 |
| |
| 摘 要: | 在内核监控技术研究的基础上,通过对当前防止非法外联技术的比较和分析,针对当前非法外联技术的弱点,设计了一个防止非法连接的系统.该系统通过认证和策略来确保通信对象的可信性,通过基于SNMP协议的网络拓扑发现算法来确保及时发现连接到内网的未安装客户端的主机,通过网络设备控制和内核监控技术来保证网络设备的可靠性,最终达到防止非法连接的目的.
|
| 关 键 词: | 监控 Windows内核驱动 非法外联 非法连接 简单网络管理协议 |
Research and design of kernel based illegal connection mornitoring |
| |
| QIAN Ting-fa,HUANG Hao.Research and design of kernel based illegal connection mornitoring[J].Computer Engineering and Design,2010,31(6). |
| |
| Authors: | QIAN Ting-fa HUANG Hao |
| |
| Affiliation: | QIAN Ting-fa1,2,HUANG Hao1,2(1.State Key Laboratory for Novel Software Technology,Nanjing University,Nanjing 210093,China,2.Department of Computer Science , Technology,China) |
| |
| Abstract: | An anti-illegal connection system is designed based on analyzing the related anti-illegal connection technologies.The system uses authentication and strategy to ensure the credibility of the communcate object and uses SNMP-based network topology discovery algorithm to guarantee timely detection of intranet connected host which is not installed client, and then combines with the device control and kernel monitoring technology to ensure the implementation of the security.Finally, illegal connections are avoid... |
| |
| Keywords: | momitoring Windows kernel driver illegal external connection illegal connection SNMP |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
