| 恶意代码安全虚拟执行环境研究 |
| |
| 引用本文: | 曹跃,梁晓,李毅超,黄沾. 恶意代码安全虚拟执行环境研究[J]. 中国药品标准, 2008, 0(1): 97-99 |
| |
| 作者姓名: | 曹跃 梁晓 李毅超 黄沾 |
| |
| 作者单位: | 电子科技大学计算机科学与工程学院网络攻防实验室 成都610054 |
| |
| 基金项目: | 国家科技基础条件平台工作基金 |
| |
| 摘 要: | 入侵容忍的系统要求具有在现实环境中执行不安全程序且不遭受永久性伤害的能力.虚拟机技术提供了一种虚拟的可执行环境,能够满足这个需求.通过对操作系统调用接口资源的重命名的研究,在此基础上设计并实现了一种Windows平台下基于操作系统层的安全虚拟执行环境的体系结构.实验结果表明,该系统可以有效地模拟应用程序的各种运行行为和结果,并为后续分析提供充足的信息.经对比发现,基于操作系统资源虚拟化的安全执行环境技术比传统虚拟技术更灵活,消耗系统资源更少.
|
| 关 键 词: | 恶意代码 安全执行 虚拟机 命名空间虚拟化 |
Research on Malware Secure Virtual Execution Environments |
| |
| CAO Yue,LIANG Xiao,LI Yi-Chao,HUANG Zhan. Research on Malware Secure Virtual Execution Environments[J]. , 2008, 0(1): 97-99 |
| |
| Authors: | CAO Yue LIANG Xiao LI Yi-Chao HUANG Zhan |
| |
| Abstract: | Intrusion-tolerant and fault-tolerant systems require the ability to execute unknown programs in a realistic environment without leaving permanent damages.Virtual machine technique provides an execution environment that is both realistic and isolated,also meet this requirement.We present a new secure execution environments framework.After researched on rename mechanism of system call interface under operating systems,finally designed and implemented the system architecture of operating system level based secure execution environment under Windows.Central to our algorithm is namespace virtualization,which provides simulation of many runtime behaviors and results in applications with enough analysis information.Compared with traditional algorithms,our method is more flexible,and requires less system resource. |
| |
| Keywords: | Malware Secure execution Virtual machine Namespace virtualization |
|
| 点击此处可从《中国药品标准》浏览原始摘要信息 |
|
点击此处可从《中国药品标准》下载全文 |
|
