| Electric power industry is a fundamental industy of national economy.With the rapid development of computer technology,major electric power enterprise are paying greater attention to information construction.This has greatly improved their productivity and brought huge economic benefits.However,there also emerge some problems.The security of intranets of enterprises,for instance,has become a great concern.Due to the development of enterprises and the expansion of their fields of production,PC terminals connected to entreprises' intranets have increased sharply.Thus,more and more loopholes and potential dangers have emerged.Under this circumstance,electric power enterprises give priority to active defense technology,which focuses on PC terminals of electric power enterprises.By monitoring system calls and judging their legitimacy,active defense technology can detect and stop malicious attack in a real-time manner.In this paper,the author analyzes present researches on active defense technology.Taking the characteristics of electric power enterprises into account,this paper elaborates on the design ideas of active defense technology and does some research in its key technology.The design in this paper is based on NIPS and HIPS with a focus on safety protection of files.Through this three-layer active defense system,much safer PC terminals of electric power enterprises are in place and thus lays a solid foundation for intranet safety.By using HOOKING technology,system calls of the kernel are intercepted and captured so as to achieve complete control on the underlying operating system.Functions desighed in this paper are as follows:Network packet inspection,file protection,driving protection,process protection,registry protection and self-protection of the system.All of them have certain practical value and can be used in electric power enterprises. |
PDF Full Text Request