Research and Implementation of an Anti-Malware System Based on User Diagnosis
Published: 2018-07-23 08:29
[Abstract]: As the services the Internet offers grow richer, malware is running increasingly rampant online. Most current malware does not show the obvious characteristics of a computer virus, and its main purpose is not to attack or damage the computer system but to serve commercial interests, such as advertising and collecting user information. It therefore causes users trouble and exposes them to the risk of information leakage when they use their computers. Only a thorough understanding of how malware intrudes into and stays resident in a system makes it possible to remove it and give users a clean, safe working environment.

In view of the shortcomings of the common malware classification methods, and of the lack of legal constraints on malware, this thesis also supplements the existing classification methods with one that classifies software by its degree of "junkiness", which is determined from users' first-hand experience of using the software.

The thesis collects samples of current mainstream malware, analyzes the malicious techniques in depth, and identifies their infection principles and methods. Through analysis and experiments in a virtual machine, it summarizes the specific means by which each kind of malware stays resident and proposes corresponding cleanup schemes.

Malware's intrusion routes are very hard to guard against, and users with little computer knowledge find it difficult to protect their systems. Because of the great commercial value of malware, its producers, from companies down to individuals, grow in number every day. Malware therefore spreads ever more widely, user computers are increasingly likely to have malware installed, and more and more kinds of abnormal behavior appear in systems. By summarizing and analyzing the intrusion routes, the thesis proposes a scheme for improving the security of current computer systems and preventing malware.

Once resident in a computer system, most malware forcibly modifies the relevant system settings to support its own functions. The thesis collects and summarizes the common cases of modified system settings and proposes corresponding schemes for repairing and restoring them.

Because currently popular anti-malware tools give insufficient support to some novice users, the thesis designs a cleanup approach based on user diagnosis and taken from the user's point of view: novice users can operate in wizard mode, and advanced users can operate in custom mode. For malware that cannot be removed under Windows, the author also designs a scheme for cleaning under DOS. The three modes coexist, so users can choose whichever suits the actual situation.

Finally, the author tests each function of the scheme experimentally, verifies its accuracy and effectiveness, summarizes its shortcomings, and gives an outlook on future work.
[Degree-granting institution]: Sichuan Normal University
[Degree level]: Master's
[Year degree granted]: 2008
[Classification number]: TP311.52
Article ID: 2138805
Article link: https://www.wllwen.com/wenyilunwen/guanggaoshejilunwen/2138805.html