基于主动防御的进程拦截方法设计
首发时间:2012-07-03
摘要:以SQL注入攻击为例,进行了研究、分析和探讨,提出主动防御策略对于数据安全是至关重要的,认为主动防御是免遭注入攻击危害的根本,而主动防御的一个核心问题就是要解决远程进程的拦截问题,该主动防御系统通过远程线程注入技术,挂钩SQL Server进程的API函数,实现主动防御功能。对主动防御系统的进程拦截及线程注入等核心问题进行了分析,设计了相关进程创建拦截和线程注入算法,并通过了系统测试。方案仅供参考。
关键词: SQL;主动防御;攻击;蜜罐
For information in English, please click here
Design of process interception Method Based on active defense
Abstract:With SQL injection attack for example, undertook research, analysis and discussion, put forward active defense strategy for data security is of paramount importance, And the active defense is a core issue to solve the blocking problem of remote processes, that the active defense is from injection attack harm at all.The defense initiative sysytem against MSSQL injection attacks hooks the APIs of SQL Server process to realize active defense, by remote thread injection technology. On the active defense system intercepting and thread into the process of the core issues were analyzed, the relevant design process creation intercepting and thread into the algorithm, and through the system test. For reference only.
Keywords: SQL active defense Attack injection honey pot
基金:
论文图表:
引用
No.****
同行评议
共计0人参与
勘误表
基于主动防御的进程拦截方法设计
评论
全部评论0/1000