Control Method of the Correct Execution of Programs by Monitoring and Analyzing the Route-Time Parameters of the Computing Process

Voprosy kiberbezopasnosti Pub Date : 1900-01-01 DOI:10.21681/2311-3456-2022-2-63-71

A. Mirzabaev, Alexander Samonov

{"title":"Control Method of the Correct Execution of Programs by Monitoring and Analyzing the Route-Time Parameters of the Computing Process","authors":"A. Mirzabaev, Alexander Samonov","doi":"10.21681/2311-3456-2022-2-63-71","DOIUrl":null,"url":null,"abstract":"Objective: develop a method and means to ensure sustainable functioning of the software mission-critical information systems under impact malicious software. Methods: analysis and classification of malicious software and means of protection against it, synthesis and modeling of correct behavior of programs, temporary automata. Study results: the characteristic of methods and means of detecting malware, which using masking methods, rootkit mechanisms and hardware virtualization technologies is given. A methodology for constructing profiles of the correct functioning of controlled programs in the form of a set of permissible execution routes has been developed. A method for monitoring and controlling the correctness of the current state of the computing process by comparing it with reference profiles has been developed. The method allows real-time detection and counteraction of malicious programs, which using various techniques of implementation and masking, including rootkit mechanisms, hypervisors based on hardware virtualization technology, interception and introduction in system functions in RAM.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"78 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Voprosy kiberbezopasnosti","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21681/2311-3456-2022-2-63-71","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Objective: develop a method and means to ensure sustainable functioning of the software mission-critical information systems under impact malicious software. Methods: analysis and classification of malicious software and means of protection against it, synthesis and modeling of correct behavior of programs, temporary automata. Study results: the characteristic of methods and means of detecting malware, which using masking methods, rootkit mechanisms and hardware virtualization technologies is given. A methodology for constructing profiles of the correct functioning of controlled programs in the form of a set of permissible execution routes has been developed. A method for monitoring and controlling the correctness of the current state of the computing process by comparing it with reference profiles has been developed. The method allows real-time detection and counteraction of malicious programs, which using various techniques of implementation and masking, including rootkit mechanisms, hypervisors based on hardware virtualization technology, interception and introduction in system functions in RAM.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

通过监测和分析计算过程的路径-时间参数实现程序正确执行的控制方法

目的:开发一种方法和手段，以确保软件关键任务信息系统在恶意软件的影响下持续运行。方法:恶意软件的分析与分类及防护手段，程序正确行为的合成与建模，临时自动机。研究结果:给出了利用屏蔽方法、rootkit机制和硬件虚拟化技术检测恶意软件的方法和手段的特点。一种以一组允许的执行路线的形式构造受控程序正确功能概况的方法已经被开发出来。提出了一种通过与参考剖面相比较来监测和控制计算过程当前状态正确性的方法。该方法允许实时检测和对抗恶意程序，恶意程序使用各种实现和屏蔽技术，包括rootkit机制，基于硬件虚拟化技术的管理程序，拦截和在RAM中引入系统功能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Voprosy kiberbezopasnosti

自引率

0.00%

发文量