| With the rapid development of Internet technology, network and information security problems, especially those from terminals, have become the threat to the Internet healthy development. In all various hazards to the terminals, executable malicious code caused security problems much conspicuous. With the analysis and comparison to the traditional defense methods to executable malicious code, the paper pointes out that the passive defense methods are unable to prevent the system from executable malicious code. Then, a defense solution for the terminal to build a proactive defense executable malicious code is presented.With the analysis to the mechanism of spreading of executable malicious code and the study to the principles of Access Control and Identity Authentication of Security Operation System, this paper regards the process as the key of security for OS and uses USBKey for ID authentication. With this viewpoint, a URPP ( User - Role - Process -Permission ) access control model for executable malicious code is given. In the model, the control for process is the core problem for malicious code defense.With the analysis to various solutions for process control, this paper uses hook technology to achieve controlling the process in the core layer. Through the process security inspection of the relevant files, the solution can ensure the credibility of process running.In order to validate the avail of the solution and the model, a system design in Windows context is given. Through prototype system, this paper analyzes show the advantages and shortcoming of the defense system, and points out the work in the next step. |
PDF Full Text Request