원문정보
초록
영어
Under the situation that existing information protection systems adopt an approach that tackles malicious codes based on already known signatures or analyzed behavior/feature, they are limited in detecting and identifying the unknown and the deformation of the malicious code. The present study, as a means of overcoming such a shortcoming, proposes a way of endpoint application control capable of more securely protecting endpoint devices (PCs) from intrusion of malicious codes and attacks through exploitation of an application or operating system vulnerability, by implementing a hybrid of technology such as whitelist-based application execution control via authentication of integrity, media access control, prevention of modification of important files, and control over IP/port attempting for process access or reverse link.
목차
1. Introduction
2. Related Works
3. Proposed Execution Control System
3.1. Agent Section of the System
3.2. Event Server Section of the System
3.3. Monitoring Console Section of the System
4. Conclusion
References