| With the computer technology and network application deepening, a variety of application software has been widely used in all aspects of social life.However, the malicious attack for application software are being intensified, annually, application file has been tampered, replaced, and deleted which lead to security incidents of information is stolen or destroyed also rise sharply. The aim of this thesis is focused on the technology of application anti-attack.Firstly, the paper deeply analyzes the various threat sources to the current applications, including those from the operating system, application itself, user action, malicious attack, potentially unwanted application (PUA) and physical paroxysmal accident. Then, the article analyzes the various attack technologies to the storing and running application, and points out the root causes of the application vulnerable is that there is not a strict distinction in these store space of application files, code or data and a strict access control mechanism to accessing the application files, code or data and the system configuration files of application depending on. In addition, it points out the essential of malicious attack, that is, which is writing the application files files, code or data. As the anti-attack issue of running application involves more factors, such as the operating system memory management, CPU's architecture and instructions and so on, it is more difficult to implement. Hence, the anti-attack issue of storing application is focused on in this paper.Based on the analysis of various threat sources and attack technologies, firstly, the article proposes an application anti-attack model (AAM) based on mandatory access control mechanism. This model can quickly and comprehensively resist various attacks, and reduce the degree of PUA's threat and destruction. Furthermore, the model really puts the granularity of access control on the process's level, and makes the right to accessing the protective file really demand so much, which is in accord with the principle of least privilege. Secondly, presents the formal description of the model and shows its good security properties. Finally, the paper researches on the key application technologies of the model and implements it's a prototype system based on the Windows platform of the current mainstream operating system.Finally, the paper carries out attack tests and performance tests for the prototype system, and the results of these tests demonstrate that the AAM has good reliability and real-time respondence, and it has a little effect for the system's performance. |
PDF Full Text Request