
Digital vaccine-based dynamic defense model for stealthy ransomware attacks (基于数字疫苗的隐遁勒索病毒攻击动态防御模型)

Cited by: 3
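Abstract (translated from the Chinese): To address the severe threat posed by stealthy ransomware attacks and the weakness of traditional methods in defending against them, this paper proposes a digital vaccine-based dynamic defense model for stealthy ransomware attacks. Drawing on biological immune mechanisms, it gives formal definitions of immune concepts such as digital vaccine, antigen, antibody and antibody concentration. First, inoculation with digital vaccines (creating bait files and folders) causes the system to generate immature antibodies against stealthy ransomware attacks. Second, a dynamic evolution mechanism for immune antibodies generates mature antibodies and memory antibodies that can resist stealthy ransomware antigens. Finally, changes in antibody concentration are dynamically monitored at both the kernel layer and the application layer, and a cross-view method is used to perceive stealthy ransomware attacks in real time. Theoretical analysis and experimental results show that the model effectively solves the problem that stealthy ransomware attacks are difficult to detect in real time, and that it performs better than traditional methods.

Abstract (journal's English version): Ransomware is a type of malware from cryptovirology that threatens to publish the victim's data or permanently block access to it unless a ransom is paid. Stealthy ransomware is a new type of ransomware that tries to evade detection by deleting all hard copies of its files and just residing in a process running in memory. This study uses danger theory for the biological immune system to design a digital vaccine-based dynamic defense model for stealthy ransomware attacks. Formal definitions are given for some immune concepts such as digital vaccine, antigen, antibody and antibody concentration. Vaccinations with digital vaccines (creating bait files and folders) give the system immature antibodies against stealthy ransomware attacks. The system quickly detects stealthy ransomware attacks using dynamic monitoring of the stealthy ransomware attack antigens in both the core and application layers and by monitoring the dynamic evolution of antibodies and changes of the antibody concentration. Analyses and tests show that the model provides effective real-time detection of stealthy ransomware attacks that is more effective than traditional methods.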
Authors: 张瑜 (ZHANG Yu); 刘庆中 (LIU Qingzhong); 石元泉 (SHI Yuanquan); 曹均阔 (CAO Junkuo). Affiliations: Department of Computer Science, Hainan Normal University, Haikou 571158, China; Department of Computer Science, Sam Houston State University, Houston 77340, USA; School of Computer Science and Engineering, Huaihua University, Huaihua 418000, China.

Source: Journal of Tsinghua University (Science and Technology) (《清华大学学报(自然科学版)》), indexed in EI, CAS, CSCD and the Peking University Core Journals list; 2020, Issue 5, pp. 402-407 (6 pages).

Funding: National Natural Science Foundation of China (61862022, 61462025, 61262077); Hainan Province Key Research and Development Program (ZDYF2016013); Hainan Province Major Science and Technology Program (ZDKJ2O17O12); Key Project of the Education Department of Hunan Province (18A449).

Keywords: digital vaccine; immune danger theory; stealthy ransomware attacks; danger signals; antibody concentration