Safety detection method for abnormal startup of computer

Safety detection method for abnormal startup of computer

The embodiment of the invention discloses a security detection method for abnormal startup of a computer. The method comprises the following steps: collecting an evidence chain based on hard disk operation information, an evidence chain based on a USN log, and an abnormally started security detectio...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: XI CHUANYU, ZHOU CHUNRU, LI HANG, LU PENG, LOU FANG, MENG FANZHI, YIN MINGYONG, WANG HAO, LEE JOON-HO
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The embodiment of the invention discloses a security detection method for abnormal startup of a computer. The method comprises the following steps: collecting an evidence chain based on hard disk operation information, an evidence chain based on a USN log, and an abnormally started security detection calculation model; at present, in an enterprise intranet environment in which large-scale users deploy security monitoring, for the behavior that the users bypass computer protection or monitoring software to enter a system, a security protection or detection method mainly depends on additional installation of a hardware module, the installation and deployment cost and the maintenance cost are high, and the scheme maturity and the market recognition degree are not high. The invention discloses a security detection method for abnormal startup of a computer in a software mode. Whether the computer is started or used outside a network security monitoring environment or not is detected under the condition that no add