摘要
勒索病毒是一种新型计算机病毒,可以通过邮件、网页挂马和程序挂马等途径传播,攻击企业或个人服务器,一旦用户感染勒索病毒,会造成严重损失。勒索病毒作为一种计算机攻击方式,可以利用杀毒软件、防火墙、深度包过滤等工具进行查杀。但是,由于这些工具均属于被动模式,需要等待勒索病毒爆发才能开始查杀,无法及时分析网络数据中是否存在病毒或木马,不能积极主动查杀勒索病毒。为了提高勒索病毒防御水平,提出了一种基于主动模式的勒索病毒防御体系。该体系能够实时采集网络数据,分析网络数据中是否存在勒索病毒,一旦发现立即主动响应,及时启动网络安全防御工具,清除勒索病毒,保护用户安全。
Extortion virus is a new type of computer virus, which can be transmitted by mail, web page and program, attacking enterprise or personal servers. Once users are infected with extortion virus, it will cause serious losses. As a way of computer attack, extortion virus can be detected and killed by anti-virus software, firewall, deep packet filtering and other tools. However, because these tools belong to the passive mode, we need to wait for the outbreak of extortion virus to start killing. We can not timely analyze whether there are viruses or Trojans in the network data, and can not actively detect and kill extortion virus. In order to improve the level of blackmail virus defense, a blackmail virus defense system based on active mode was proposed. This system can collect network data in real time, analyze whether there is extortion virus in network data, and actively respond to it once it is found, promptly start network security defense tools, remove extortion virus and protect user security.
作者
郑冰
Zheng Bing(Cosco Shipping Lines Co., Ltd., Shanghai 200090, China)
出处
《信息与电脑》
2019年第15期216-217,共2页
Information & Computer
关键词
勒索病毒
数据采集
杀毒软件
extortion virus
data collection
anti-virus software
作者简介
郑冰(1976-),男,福建连江人,本科,系统分析师。研究方向:企业信息化。
