| Due to the internal operation principles of computer operating system, it is inevitably to leave some corresponding traces in the computer when accessing files.These traces buried a security risk for others who will steal the user’s secret information, which may cause incalculable losses in economics, and credibility, and bring security threats for individuals, enterprises and the state. Therefore, it is of great significance to carry out the related research work in cleaning file access traces to prevent information leakage and ensure the security of information.The current researches about cleaning file access traces were not complete or comprehensive, and what is worse, its safety is difficult to guarantee. In this dissertation, the operating system of Windows7 is used as the platform, and its basic principle of the file storage, access and management is analyzed. After the research of the existentformand reason of file access traces, the method and system of cleaning access trace is proposed, wherein the API hook technology and file management system is used. And the main work includes:1.Application of API HOOK to obtain the visited file paththrough remote thread DLLinjection and IAT interception. Realization the location of file access tracesaccording to their characteristics;2.Variation analysis of two common systems for file management in Winhex:FAT32 and NTFS, and the file locations are tracked successfully after being deleted by related-methods in BPB, FDT, FAT, and MFT. Then, safe approaches for trace cleanup are done by data-overwriting in advance.3.Code implementation and function test, which validating the effectiveness of the software system. |