Computer Engineering ›› 2007, Vol. 33 ›› Issue (05): 117-119. doi: 10.3969/j.issn.1000-3428.2007.05.041

• Security Technology •

Active Virus Defense Technology Based on Process Identification and Hiding

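DENG Lujuan, LIU Tao, GAN Yong, XIONG Kun

  1. (School of Computer and Communication Engineering, Zhengzhou Institute of Light Industry, Zhengzhou 450002)
  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2007-03-05 Published: 2007-03-05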

Active Defence Technology with Virus Based on Differentiation and Hiding Process

DENG Lujuan, LIU Tao, GAN Yong, XIONG Kun   

  1. (Dept. of Computer and Communication Engineering, Zhengzhou Institute of Light Industry, Zhengzhou 450002)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-03-05 Published:2007-03-05

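Abstract: Following a new approach of automatic behavior monitoring, automatic behavior analysis and automatic behavior diagnosis, this paper studies information security using process identification and hiding techniques. Active defense against viruses was implemented on the VC++ 6.0 tool platform, and the running system shows that the technique can fundamentally overcome the major flaw of traditional antivirus software, in which information protection lags behind the appearance of new viruses.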

Keywords: virus, MD5, process hiding, pseudo-hiding, hook

Abstract: Following new ideas such as automated monitoring and control of behavior, automated analysis of behavior and automated deduction of behavior, the paper uses process differentiation and hiding technology to study information security. Active defense against viruses is implemented with VC++ 6.0, and the running system shows that the technology can fundamentally overcome the fatal weakness of traditional antivirus software, in which information protection lags behind the emergence of new viruses.

Key words: Virus, MD5, Process hiding, Fake hiding, Hook