中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/61557
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41643903      Online Users : 1166
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/61557


    Title: Windows AutoUpdate Service Guardian
    Authors: 何儒軒;He,Ju-Hsuan
    Contributors: 資訊工程學系
    Keywords: 自動更新;微軟;服務;關閉;Windows;Automatic update;service
    Date: 2013-08-12
    Issue Date: 2013-10-08 15:22:13 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 隨著電腦與網路的普及,使用者對於電腦基本安全防護的認
    識也有提升,大部分使用者會安裝防毒軟體或是防火牆等的軟
    體,使電腦有所防護。但是防毒軟體與防火牆都是安裝於作業
    系統上,也因此即便電腦安裝了防毒軟體及防火牆,使用者也
    有著良好的電腦使用習慣,攻擊者還是有可能透過系統漏洞,繞
    過防火牆以及防毒軟體的防禦,奪走使用者的電腦控制權或是得
    到使用者的私人資訊。所以說,作業系統的更新,對於電腦整體
    的資訊安全,扮演著一個舉足輕重的腳色。而更新的行為,作業
    系統通常會自動的執行,或是通知使用者去做系統更新。但是我
    們發現,有一些惡意程式,會去關閉系統的自動更新服務,藉此
    使得使用者的作業系統無法保持在最新的狀態。在更新補丁發布
    之後,無法藉由更新來防護系統,使得使用者電腦暴露在危險之
    中。
    本篇論文以Windows XP 作業系統為平台,研究其自動更新
    服務如何運作,依其相關知識提出數個關閉更新服務的方法。同
    時分析數個惡意軟體樣本,了解它們關閉自動更新服務的原理,
    最後提出一個以System Service Dispatch Table (SSDT) hook 為
    基礎的解決方式,有效的防禦這一些攻擊。
    Nowadays, people rely on personal computer to do lots of
    things. They would install some application to protect their com-
    puters, such as antivirus software or rewall to make their comput-
    ers safer from attacker's attack. Because Antivirus software and
    rewall are installed on top of the operating system, if there are
    some bugs in the operating system, attackers can bypass antivirus
    software and rewall through bugs and launch an attack to get the
    private user data and control users' computer. As a consequence,
    updating operating system becomes an important method in whole
    information security of computer.
    The update behavior is usually done automatically by oper-
    ating system. Users can also update his/her system when they get
    the update noti cation. But we found there exist some malware
    will disable the automatic update service of the operating system.
    So users cannot download the newest patch to protect their own
    computers in time and means that both of their computers and
    data are in danger.
    In this paper, we study how an automatic update service run-
    ning on Windows XP system and show approaches to disable au-
    tomatic update service. We also analyze some malware to nd
    out what method they used to disable automatic update service.
    Finally, we propose a solution based on SSDT hook, which named
    Windows AutoUpdate Service Guardian (WASG) to protect Win-
    dows automatic update service e fficiently.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML500View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明