| With the development of information technology and network,information technology has long been applied to every aspect of our lives.But at the same time,the use of information technology to obtain illegal income,theft of user information is increasing.At present,most of the security monitoring software is only in the software whether the existence of malicious code,whether to visit sensitive documents and other acts as a measure of the credibility of software standards,although to a certain extent,the invasion of the virus played a restricted role,but can not software Unexpected behavior of the security threats arising from monitoring and prevention.Therefore,the most difficult problem is how to measure the credibility of the software.The credibility of software behavior is the basic problem of this paper.First,the software behavior,software behavior trust and software life cycle are discussed,and the definition,analysis and description of credible behavior statement are given.Analysis of the trusted elements of software behavior involves five common characteristics: Maintainability,Integrity,Privacy,Security,Reliability.In addition,the existence of software vulnerabilities will also affect the credibility of the software system,so it will be included in the trusted elements.In general,a credible measure of software behavior requires a complete framework,rational processes,appropriate metrics,and scientific standards.Software behavior,credible measurement process improvement of the late information systems,the establishment of safety standards,the establishment of measurement models,analysis of needs,the establishment of measurement objectives and safety control of six parts.File system,registry,network,memory and so on are the basic indicators of software behavior trustworthiness measurement.The method of static embedding is determined,and the monitoring scheme of software behavior trustworthiness measurement is designed by using safe compilation method,so that the code of the software itself can not be separated from the monitoring module code.Based on the functional and non-functional requirements of the system,the design framework of the software behavior trustworthiness measurement system is established,and the architecture of the system is designed.Finally,the experiment is designed,the testing software is compiled and the monitoring platform is set up.The 56 data including IO events,registry events and network events are monitored and judged.Finally,the malicious words and actions Different conclusions.But the experimental design is to verify the function of the monitoring platform for the purpose of its business sense,is not universal significance.So still need in the future practice of the specific system under test the business function of the corresponding statement written and tested in order to get the business value of the original data. |
PDF Full Text Request