| With the widely use of the network, the harm of the virus and other malice programs have increased. One example is that 'grey pigeon' virus infected 300,000 computers in February 2007 and resulted in tens of millions yuans loss. Another example is that 'panda burning incense' virus has resulted more than tens of millions financial loss. All these examples indicate that the current network defense system based on the packet filtrating has some kind of lag character when it faces the new virus attack. This character results in late search and clear up the new virus. With this reason, it is highly necessary and very worthiness to develop a network security defense system based on the behavior identification. Moreover, it is prospected that the trend of network security technology will be the behavior identification.The paper will put forward of a new network defense system scheme following the current status quo and the trend of the current network security defense industry. The scheme will get the virus behavior formula through analysis of the virus behavior identification and form a system identification model. The scheme is able to identify unknown virus and realize 'zero date' defense. It has powerful capability of identification and defense and can ensure the security of the system. It can also guarantee the sensible information such as the bank account, QQ and MSN PIN code safety, so it has good future. Firstly the paper introduced the general design scheme. Secondly, it introduced the technology of the virus program identification. Then it introduced the principle of the system. At the last, it introduced the realization of the key model in the system. The system has passed the test in the real working circumstances.The system runs well in the test. It has good practicality and is worth popularizing. It can be applied in public security, bank, securities and other fields with high demands of the security. |
PDF Full Text Request