Full metadata record
DC FieldValueLanguage
dc.contributor.author盧炫宏en_US
dc.contributor.authorLu, Hsuan-Hungen_US
dc.contributor.author吳育松en_US
dc.contributor.authorWu, Yu-Sungen_US
dc.date.accessioned2015-11-26T01:02:56Z-
dc.date.available2015-11-26T01:02:56Z-
dc.date.issued2015en_US
dc.identifier.urihttp://140.113.39.130/cdrfb3/record/nctu/#GT070256092en_US
dc.identifier.urihttp://hdl.handle.net/11536/127762-
dc.description.abstract在半虛擬化環境中心使用行為比對來偵測惡意程式有著高偵測率,但由於其偵測期間,惡意行為持續對其造成傷害,因此嘗試設計一套系統可以對特定程式、執行序進行傷害範圍估測及清除,以處理管理端所欲達成的修復系統傷害。 在Xen環境底下,我們針對Windows客戶端虛擬機設計一套傷害範圍估測與清除機制,修改一套Mini-filter driver以攔截並記錄IRPs(I/O Request Packets)行為歷程,已完成在行為比對偵測動作完成時,能夠提供完整的資訊及清除能力。zh_TW
dc.description.abstractIn paravirtualized environment, Behavior matching is a detection method with high detection rate. However, during the matching behavior time passed, the malicious software continually doing damage. We design this for estimate and recovery those damages after malware was found. With Xen, we design an estimation and recovery mechanism for guest OS which is Windows. We modified a mini-filter Driver to intercept IRPs(I/O Request Packets). With this system design, we could provide the complete estimation and recovery just after matching.en_US
dc.language.isozh_TWen_US
dc.subject磁碟 傷害 估測 清除 Windowszh_TW
dc.subjectStorage disk damage estimate recovery Windowsen_US
dc.title惡意程式傷害範圍估測與清除機制zh_TW
dc.titleAn Estimation and Recovery Mechanism for Damages Inflicted by Malicious Softwareen_US
dc.typeThesisen_US
dc.contributor.department資訊科學與工程研究所zh_TW
Appears in Collections:Thesis