计算机工程

• 安全技术 • 上一篇    下一篇

虚拟环境下病毒查杀问题研究

冯文林   

  1. (武汉大学 计算机学院,武汉 430072)
  • 收稿日期:2015-11-12 出版日期:2016-11-15 发布日期:2016-11-15
  • 作者简介:冯文林(1982—),男,硕士研究生,主研方向为信息安全。

Research on Virus Killing Problem Under Virtual Environment

FENG Wenlin   

  1. (Computer School,Wuhan University,Wuhan 430072,China)
  • Received:2015-11-12 Online:2016-11-15 Published:2016-11-15

摘要: 传统的安全服务大多将病毒查杀实体置于用户的操作内部,会产生大量资源开销和浪费,且病毒查杀的程序本身就处于不安全的环境,容易遭到恶意程序的破坏,很难保证安全服务的完整性。为此,提出一种无代理的病毒查杀机制,将服务实体置于被保护的操作系统外部,不在被保护系统中安装任何插件和代理程序。基于虚拟化平台,利用虚拟化技术实现在线和离线的病毒查杀,且无需向系统中植入任何插件,以保证服务的完整性。实验结果表明,该离线杀毒安全服务具有较好的用户透明性,可以有效检测系统当前进程是否为恶意代码,并且成功终止恶意程序。

关键词: 云计算安全, 虚拟化技术, 病毒检测, 病毒查杀, 进程定位

Abstract: The traditional security services mostly put virus killing entities inside the users’ operating systems,which causes huge resource expenditure and waste,and the security software itself is in the unsafe environment,thus being easily destroyed by malicious programs,so it is difficult to ensure the integrity of the security service.Therefore,this paper proposes a new virus killing mechanism with no proxy.The service entity is placed outside the protected operating system,and no plug-in or proxy program is installed in the protected system.Based on virtualization platform,online and offline virus killing are realized by using virtualization technology,and no plug-ins are required to be inserted into the system,which ensures the integrity of the service.Experimental results show that,the proposed offline virus killing security service has better user transparency,can effectively detect whether the current process of the system is malicious code or not,and successfully terminates malicious programs.

Key words: cloud computing security, virtualization technology, virus detection, virus killing, process orientation

中图分类号: