Research And Implementation Of Anti-attack Technology For The Files Of Computer

Computer files can be divided into three categories: system files, application files and user files. They are the main targets of virus attacks. The attacks usually include file deletion, file alteration and file replacement. In this paper, we focus on the research of protection technology of application files and user files.Traditional file protection technologies mainly have the following deficiencies: First, the hysteretic quality. They always update the virus signature database or issue some killing tools after the outbreak of viruses. So they can't against unknown viruses. Second, they influence system performance seriously. Because of the rapid growth of virus signature database, when searching and killing, real time protection, they would seriously influence system performance. Third, it's misreporting problem. Because the virus signature extraction is not accurate enough, active defense technology is not mature enough and access control rules are not perfect and so on, they would recognise normal files as virus, which would cause unnecessary troubles.In this paper, we deeply analyze virus definition and main technologies of virus attacking applications, modify the protection model of user files, design a new protection model of application files, and combine them to build a Unified Protection Model. The main works and contributions are summarized as follows.1. This paper improves the protection method of user files and builds a new Protection Model of User Files. Aimed to protect user files, our research group had presented an Intention Based Access Control Model (IBAC). But IBAC doesn't consider temporary files. In this paper, we design some access control rules for the temporary files to protect user files better.2. This paper builds a new Protection Model of Application Files. Based on the research of virus attack application technologies, we find that an important reason of application vulnerable to attack is the lack of effective access control to application files. Then we present a new protection method, and build a new protection model.3. This paper builds the Unified Protection Model. In order to protect user files and application files better, we combine the above models and build the Unified Protection Model.4. This paper designs and implements the Unified Protection System. Based on the Windows operation system platform, we research the key technologies about Unified Protection Model and develop the Unified Protection System.5. This paper tests the Unified Protection System. Compared with the traditional protection technology, we carry out attack testing and performance testing on the Unified Protection System. The results show that the system has better safety and less influence on system performance.