第1个回答 2010-05-06
Rampant malicious programs on the computer today, there is no security software installed on networked computers has been difficult to run properly. Rootkit is able to durable and reliable, can not be detected to exist in a set of computer programs or code, is a malicious software to hide their tracks and keep your computer up access (root access) tool. Rootkit serious harm performance in the target computer, the highest it has access to the target computer can be arbitrary manipulation. Evolving technology can even break Rootkit Rootkit detection software, and Rootkit detection software by modifying the implementation of logic makes Rootkit detection software failure.
This paper designed a Rootkit detection subsystem and the self-test subsystem independent Rootkit detection system.
Self-test subsystem be found by searching in the system Rootkit detection subsystem, the first start of the accreditation process, only self-test subsystem through a Rootkit detection subsystem certification, Rootkit detection subsystem before accepting its self-test subsystem testing and to create a self-test environment for the self-test subsystem; if the self-test did not pass the certification, indicating Rootkit detection subsystem has been destroyed and forced to self-test and recovery. Rootkit detection subsystem of the self-test subsystem authentication using RSA algorithm, communications, both sides have their own public key and private key, the authentication when communication both with each other's public key encrypted message sent to each other and with their own private key to decrypt the received information, and then send the information and its own comparison.
Random combination of demand-based module MD5 digital signature file integrity detection method, the file needs to be done to protect the integrity of all the modules can be divided into several groups duplicate, and each of the modules to seek MD5 value after the merger.
第2个回答 2010-05-06
In computer malicious programs today, no installation of safety networked computer software has been difficult to normal operation. Rootkit is not reliable, can exist in the computer test program or code, a group is used to hide their malicious software trace and retain top computer access (root access). The serious harm in Rootkit has its target computer's highest access to the target, the computer is follow one's inclinations. The continuous development of Rootkit technology can even break Rootkit detection software, and modify the software Rootkit executing logic software failure detection makes Rootkit.
This paper designs a Rootkit detection subsystem and self-inspection subsystem independent Rootkit detection system.
Through the search system self-check subsystem finds Rootkit detection, first start after the subsystem of authentication procedures, only by a Rootkit self-checking subsystem test system authentication, Rootkit detection subsystem to accept self-inspection of its subsystems, and create self-check environment for self-check subsystem, If no authentication, through self test has been damaged Rootkit subsystem, need to enforce self-check and recovery. Rootkit detection of self-check subsystems subsystem authentication using RSA algorithms, communication both have their public and private, authentication, communication in both the encrypted information with each other, and give yourself the decrypted receiving and sending messages, and then compares the information.
Based on the random combination module for MD5 of digital signature file integrity test method, will need to do all of the module file integrity protection into several groups can be repeated, and each group of module combined for MD5 value after orderly.本回答被网友采纳
第3个回答 2010-05-06
我是人工翻译的哦:
Rampant malicious programs on the computer today, there is no security software installed on networked computers has been difficult to run properly. Rootkit is able to durable and reliable, can not be detected to exist in a set of computer programs or code, is a malicious software to hide their tracks and keep your computer up access (root access) tool. Rootkit serious harm performance in the target computer, the highest it has access to the target computer can be arbitrary manipulation. Evolving technology can even break Rootkit Rootkit detection software, and Rootkit detection software by modifying the implementation of logic makes Rootkit detection software failure.
This paper designed a Rootkit detection subsystem and the self-test subsystem independent Rootkit detection system.
Self-test subsystem found by searching in the system Rootkit detection subsystem, the first start the certification process, only self-test subsystem through a Rootkit detection subsystem certification, Rootkit detection sub-system self-test subsystem, it only accepted test and to create a self-test environment for the self-test subsystem; if the self-test did not pass the certification, indicating Rootkit detection subsystem has been destroyed and forced to self-test and recovery. Rootkit detection subsystem of the self-test subsystem authentication using RSA algorithm, communications, both sides have their own public key and private key, the authentication when communication both with each other's public key encrypted message sent to each other and with their own private key to decrypt the received information, and then send the information and its own comparison.
Random combination of demand-based module MD5 digital signature file integrity detection method, the file needs to be done to protect the integrity of all the modules can be divided into several groups duplicate, and each of the modules to seek MD5 value after the merger.