首页>
外国专利>
DEVICE AND METHOD FOR DYNAMICALLY MEASURING TRUSTED STATE OF COMPUTER BASED ON CALL STACK TRACK
DEVICE AND METHOD FOR DYNAMICALLY MEASURING TRUSTED STATE OF COMPUTER BASED ON CALL STACK TRACK
展开▼
机译:基于呼叫堆栈轨迹动态测量计算机的可信状态的设备和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
A device and method for dynamically measuring a trusted state of a computer based on a call stack track, relating to the field of information security. The device comprises a process monitoring unit, a thread monitoring unit, a state collection and construction unit, a state measurement unit, a user state contact unit, a state measurement matching unit, and a call stack track storage unit. The process monitoring unit and the thread monitoring unit are connected to the state collection and construction unit; the state collection and construction unit is connected to the state measurement unit; the state measurement unit is connected to the user state contact unit; the user state contact unit is connected to the state measurement matching unit; the state measurement matching unit is connected to the call stack track storage unit. According to the device and method, by monitoring a process, a thread and a thread call stack, and comparing with pre-stored possible function call stack data of a code, possible abnormal behaviors in a code execution flow are found, and compared with a dynamic trusted measurement solution of only monitoring a system call type, the detection strength and depth are further improved.
展开▼