| 基于BOOTKIT原理恶意代码控制技术研究 |
| |
| 引用本文: | 张德平.基于BOOTKIT原理恶意代码控制技术研究[J].柳州职业技术学院学报,2011,11(5):28-34. |
| |
| 作者姓名: | 张德平 |
| |
| 作者单位: | 柳州职业技术学院信息工程系,广西柳州,545006 |
| |
| 摘 要: | 首先分析了BIOS的启动过程,给出了BIOS启动过程中的控制权传递方法,分析了BIOS启动过程中POST阶段与BootBlock阶段分别完成的工作。然后提出了基于Bochs的BIOS代码安全性检测方法,对BIOS加载后的内存空间分布情况进行了分析,对可能造成安全隐患的环节进行代码跟踪,并给出了正常情况下的代码及功能。
|
| 关 键 词: | BOOTKIT 恶意代码 BIOS Bochs |
The Research of Malicious Code Control Technology Based on BOOTKIT Principle |
| |
| ZHANG De-ping.The Research of Malicious Code Control Technology Based on BOOTKIT Principle[J].Journal of Liuzhou Vocational & Technical College,2011,11(5):28-34. |
| |
| Authors: | ZHANG De-ping |
| |
| Institution: | ZHANG De-ping (Department of Engineering Information,Liuzhou Vocational &Technical College,Liuzhou Guangxi 545006,China) |
| |
| Abstract: | This paper has studied the BOOTKIT technology basic principle,has taken the malicious code control technology based on BIOS as research aim.At first,has analyzed BIOS startup procedure in details,has given the authority transmission method in the BIOS startup procedure,has analyzed the completed work which the POST stage and BootBlock stage in the BIOS startup procedure separately.Then proposed the BIOS code security examination method based on the Bochs,has analyzed the memory spatial distribution after BI... |
| |
| Keywords: | BOOTKIT malicious code BIOS Bochs |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
