| The application and population of computer network brings about great changes in ways of people study, living and working, and promotes the human society reform. However, there exists a large amount of malicious code aiming at destroying the system and network operation in the network, which is the biggest threat of information security. Therefore, malicious code defense is one of most valuable research fields and received widespread attention from scholars.Firstly, this paper analyzes the malicious code hazard, development and trend, and makes a further study of malicious code realization mechanism, including detailed detecting techniques and their advantages and disadvantages analysis. To overcome the shortcomings of common malicious code detection techniques, a kind of malicious defense mechanism based on cloud trust is proposed in this paper, which combines the advantages of cluster server and client terminal together to implement malicious code detection of the whole network.Based on its software and hardware superiority, cluster server analyzes the malicious code report received from a client and computes reputation value of the client, then processes the report at different priorities according to its reputation value, finally it provides the client with relative malicious code solution. While the client terminal can discover the abnormal conditions of local machine timely and effectively with its sensitivity to the malicious code. Then send the malicious code report to submit host abnormal condition analytical results to realize the malicious code defense of the whole network. A reputation value computation algorithm of client terminal is designed on the cluster server. This algorithm determines effectiveness of the malicious code report effectiveness from the client terminal according to the report quality, and processes it at different priorities. It can deal with malicious code in network effectively without wasting system resource and detect the unknown malicious code from the report analysis in the defense mechanism. A second-order HMM (HMM2) to detect malicious code is established on client terminal. In this modal, the underlying state transition matrix is divided into two matrixes of Al and A2, and it introduces maximum likelihood estimation of improved standard Baum-Welch algorithm to realize the modal training. The algorithm analysis and simulation experiment results show that, the malicious code defense mechanism based on cloud trust proposed this paper performs much better on effectiveness and accuracy than traditional defense mechanism. |
PDF Full Text Request