USB safety protection system based on user selection and equipment behavior analysis
The invention relates to a USB safety protection system based on user selection and equipment behavior analysis. Based on the driving action of a filter layer, before a USB device is connected to a host to work, the USB safety protection system interacts with the user and determines the device type,...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Patent |
| Sprache: | chi ; eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | The invention relates to a USB safety protection system based on user selection and equipment behavior analysis. Based on the driving action of a filter layer, before a USB device is connected to a host to work, the USB safety protection system interacts with the user and determines the device type, the behavior of the USB device is monitored in real time comprehensively on a hardware driving bottom layer, aiming at attack methods such as U disk virus and BadUSB which occurs newest, the IRP containing malicious operation is positioned, and the safety of the inserted USB device is determined. Based on a trusted chain concept of trust transfer in the system, the IRP interception technology and the malicious code detection technology are combined, and a USB safety protection monitoring system which is high in accuracy and easy to operate is formed.
本发明涉及种基于用户选择与设备行为分析的USB安全防护系统,基于过滤层驱动,通过在USB设备接入主机工作前,与用户交互后进行设备类型判定,在硬件驱动底层实现对USB设备行为的全面实时监控,针对U盘病毒以及最新出现的BadUSB等攻击手段,定位含有恶意操作的IRP,对插入的USB设备的安全性进行判定。并基于系统内部信任传递的可信链的 |
|---|