
Research Of P2P-Based Malicious Code Detection And Protection Technology

Posted on: 2015-04-11 | Degree: Master | Type: Thesis
Country: China | Candidate: J Liao | Full Text: PDF
GTID: 2308330473452983 | Subject: Computer application technology
Abstract/Summary:
With the development of information technology, malicious code in its various forms has multiplied and now penetrates every aspect of our lives. Most existing security software relies on a supporting server to update its virus database, and there have been privacy concerns that such security software steals user data. To solve these problems, this thesis combines P2P technology with malicious code detection and prevention technology to establish a new mechanism for combating malicious code.

The research consists of three parts: detection, prevention and response. Detection technology is like a spear, defense technology is like a shield, and the response network is the soldier who uses the spear and shield in combat. The three parts complement each other and all are indispensable.

The key detection technologies comprise two elements. The first is distributed monitoring of code behavior: the code to be monitored is distributed to nodes of the P2P network, and the nodes monitor it collaboratively. The second is challenge testing of malicious code: to detect malicious code during its incubation period, challenge tests are used to expose its true nature as early as possible.

The key defense technologies consist of three parts. The first is static data scanning: compared with a normal scan, scanning based on data differences is more efficient and avoids a large number of repeated, unnecessary scans. The second is dynamic data protection: the results of the response network's analysis of malicious code determine which areas to protect, and the important points are then protected by level. The third is automatic repair: on the one hand, version rollback records file modifications as data differences; on the other hand, data distributed across the P2P network is used for repair. By establishing PDP-outer, which runs independently of the operating system, automatic repair is possible even if the operating system crashes.

The key response technologies fall into two parts: identification and handling of malicious code, and construction of the underlying P2P network. The response network is a P2P network made up of many nodes; node authentication protocols, data transmission protocols and other security mechanisms ensure the security and trustworthiness of the underlying network. The blacklist, whitelist and other data distributed on each node are synchronized to keep them consistent, and they provide the data for identifying and handling malicious code. Monitoring the behavior of nodes in the response network continually generates behavior data, logs and so on; the thesis discusses several ways of processing this data, including the use of neural networks, so that the network can learn and make decisions autonomously.

After more than a year of research and experimentation, the project produced results in the following three respects:

1. A new malicious code detection and prevention method was established that removes the need to rely on a server for updates. Because it has no center and is open source, it addresses the privacy problem of data being stolen.
2. To compare the proposed detection and prevention method with general methods, a simulation program was developed that can simulate the process of security software confronting malicious code.
3. A patent application was filed with the proposed detection and prevention method at its core, "A Malicious Code Detection and Prevention Method", which is currently in the accepted state.
Keywords/Search Tags: P2P, detection, prevention, learning, auto repair