| In recent years,With the development of computer technology, the network is moreand more important in people’s lives.But at the same time a variety of increasinglyfrequent network attacks and malicious code become more frequent and cause createrlosses.Because the increase of complexity and diversity of Malicious code.Traditionalstatic detection method may not acquire good effect.Sandbox can analyze a programDynamically,It can Meet the shortfall of only Static analysis.The key technologies of sandbox are the virtualization of system resource,this can becompleted in Driver layer.Filter driver can attach to between the actual physical deviceand function driver,or above the function driver.So it can intercept the accesses of systemresources.This paper comply file resources virtualization in operating system kernel by filterdriver technology.It can Effectively prevent malicious processes from breaking the systemto improve system security and provides to the user an isolated environment to protect thesecurity of user data.after the analysis of Windows components and the research oftraditional virtualization and sandbox technologies.This paper focuses on the Windows filesystem filter driver and proposed a solution of file system virtualization based on theWindows file system filter driver.It can Isolation the file operations of a process to analyzethe behavior of the process and prevent if from Breaking the system.This paper give aspecific realization on notepad.In addition this paper design a model for safe vistit.It canensure the safety of user data and isolate users of different levels of security.So it canachieve good security and confidentiality. |
PDF Full Text Request