Computer Applications and Software (计算机应用与软件), 2017, Vol. 34, Issue 9: 114-119, 6. DOI: 10.3969/j.issn.1000-386x.2017.09.023
A Malicious Code Defense Scheme for Power Supervisory Hosts Based on a White-List Mechanism
A SOLUTION OF MALWARE DEFENSE BASED ON WHITE-LIST FOR POWER SUPERVISORY HOSTS
Hu Haisheng (胡海生) 1
Author information
- 1. Electric Power Research Institute of Guangdong Power Grid Co., Ltd., Guangzhou, Guangdong 510080
Abstract
Traditional defense solutions against malware are based on blacklists (e.g., anti-virus software), which cannot cope with new malware (i.e., malicious code that exploits 0-day vulnerabilities). Therefore, we present a malware defense solution based on a white-list for power supervisory hosts. The scheme builds a code execution control module on the monitoring hosts, which protects the startup of trusted software and blocks the execution of malware, thereby improving the security of the monitoring hosts. Moreover, the designed management server centrally manages the trusted execution module and maintains the white list. We designed and developed the system according to the solution, and carried out a pilot application and experiment in a transformer substation. The experiment showed that the system could distinguish trusted software from malware and prevent the execution of both new and old malware. Meanwhile, its time consumption and additional traffic during the recognition process were within a reasonable range.
Key words
White-list/Power supervisory hosts/Malware defense
Classification
Information technology and security science
Cite this article
Hu Haisheng. A solution of malware defense based on white-list for power supervisory hosts [J]. Computer Applications and Software, 2017, 34(9): 114-119, 6.