{"title":"通过监测和分析计算过程的路径-时间参数实现程序正确执行的控制方法","authors":"A. Mirzabaev, Alexander Samonov","doi":"10.21681/2311-3456-2022-2-63-71","DOIUrl":null,"url":null,"abstract":"Objective: develop a method and means to ensure sustainable functioning of the software mission-critical information systems under impact malicious software. Methods: analysis and classification of malicious software and means of protection against it, synthesis and modeling of correct behavior of programs, temporary automata. Study results: the characteristic of methods and means of detecting malware, which using masking methods, rootkit mechanisms and hardware virtualization technologies is given. A methodology for constructing profiles of the correct functioning of controlled programs in the form of a set of permissible execution routes has been developed. A method for monitoring and controlling the correctness of the current state of the computing process by comparing it with reference profiles has been developed. The method allows real-time detection and counteraction of malicious programs, which using various techniques of implementation and masking, including rootkit mechanisms, hypervisors based on hardware virtualization technology, interception and introduction in system functions in RAM.","PeriodicalId":422818,"journal":{"name":"Voprosy kiberbezopasnosti","volume":"78 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Control Method of the Correct Execution of Programs by Monitoring and Analyzing the Route-Time Parameters of the Computing Process\",\"authors\":\"A. Mirzabaev, Alexander Samonov\",\"doi\":\"10.21681/2311-3456-2022-2-63-71\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Objective: develop a method and means to ensure sustainable functioning of the software mission-critical information systems under impact malicious software. Methods: analysis and classification of malicious software and means of protection against it, synthesis and modeling of correct behavior of programs, temporary automata. Study results: the characteristic of methods and means of detecting malware, which using masking methods, rootkit mechanisms and hardware virtualization technologies is given. A methodology for constructing profiles of the correct functioning of controlled programs in the form of a set of permissible execution routes has been developed. A method for monitoring and controlling the correctness of the current state of the computing process by comparing it with reference profiles has been developed. The method allows real-time detection and counteraction of malicious programs, which using various techniques of implementation and masking, including rootkit mechanisms, hypervisors based on hardware virtualization technology, interception and introduction in system functions in RAM.\",\"PeriodicalId\":422818,\"journal\":{\"name\":\"Voprosy kiberbezopasnosti\",\"volume\":\"78 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Voprosy kiberbezopasnosti\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.21681/2311-3456-2022-2-63-71\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Voprosy kiberbezopasnosti","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21681/2311-3456-2022-2-63-71","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Control Method of the Correct Execution of Programs by Monitoring and Analyzing the Route-Time Parameters of the Computing Process
Objective: develop a method and means to ensure sustainable functioning of the software mission-critical information systems under impact malicious software. Methods: analysis and classification of malicious software and means of protection against it, synthesis and modeling of correct behavior of programs, temporary automata. Study results: the characteristic of methods and means of detecting malware, which using masking methods, rootkit mechanisms and hardware virtualization technologies is given. A methodology for constructing profiles of the correct functioning of controlled programs in the form of a set of permissible execution routes has been developed. A method for monitoring and controlling the correctness of the current state of the computing process by comparing it with reference profiles has been developed. The method allows real-time detection and counteraction of malicious programs, which using various techniques of implementation and masking, including rootkit mechanisms, hypervisors based on hardware virtualization technology, interception and introduction in system functions in RAM.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
