Kernel-mode File Monitoring on Windows Mobile Device

Master's === National Central University === Graduate Institute of Computer Science and Information Engineering === 97 === In recent years, as mobile device technology has evolved, newer mobile devices have steadily gained much greater functionality. Intelligent devices in particular, such as smartphones and personal digital assistants (PDAs), have the ability to conne...

Bibliographic Details
Main Authors: Yi-chun Yeh, 葉怡群
Other Authors: Fu-hau Hsu
Format: Others
Language: zh-TW
Published: 2009
Online Access: http://ndltd.ncl.edu.tw/handle/14958204923350992761
id ndltd-TW-097NCU05392077
record_format oai_dc
spelling ndltd-TW-097NCU05392077 2015-11-16T16:09:05Z http://ndltd.ncl.edu.tw/handle/14958204923350992761 Kernel-mode File Monitoring on Windows Mobile Device 在行動裝置上以攔截檔案處理函式機制防止病毒擴散 (Preventing Virus Spread on Mobile Devices by Intercepting File-Handling Functions) Yi-chun Yeh 葉怡群 Master's National Central University Graduate Institute of Computer Science and Information Engineering 97 Fu-hau Hsu 許富皓 2009 Degree thesis ; thesis 35 zh-TW
collection NDLTD
language zh-TW
format Others
sources NDLTD
description Master's === National Central University === Graduate Institute of Computer Science and Information Engineering === 97 === In recent years, as mobile device technology has evolved, newer mobile devices have steadily gained much greater functionality. Intelligent devices in particular, such as smartphones and personal digital assistants (PDAs), can connect to 3.5G networks and are generally equipped with GPS, a high-resolution digital camera, WLAN, and Bluetooth. These features let devices exchange information with other devices in many ways, run more applications, and let users carry out more activities with them. Their price is no longer very high, so the popularity of intelligent devices is increasing quickly. However, the more functionality devices gain, the more vulnerabilities may appear on them. Those vulnerabilities are similar to the ones that already exist in the personal computer world, including malware threats. Malware includes viruses, worms, trojans, spyware, rootkits, and so on. It may destroy data on the device, monitor the user's activities, steal important information, exhaust system resources, and generate additional costs. Therefore, it is necessary to develop detection and protection approaches to enhance the security of mobile devices. Currently the most common operating systems used by mobile devices are iPhone, Android, Windows Mobile, and Symbian. The Windows Mobile system is based on Windows CE, developed by Microsoft. Windows CE provides a subset of the Win32 API that exists in desktop versions of Windows. This makes applications on desktop Windows compatible with Windows CE. The executable file format used on Windows CE is also Portable Executable, as on Windows NT-based systems; therefore many traditional malware techniques can be ported to Windows CE easily. We target Windows Mobile devices and propose a kernel-mode file operation monitoring method that filters file-operation-related APIs in kernel space to prevent viruses from spreading.
author2 Fu-hau Hsu
author_facet Fu-hau Hsu
Yi-chun Yeh
葉怡群
author Yi-chun Yeh
葉怡群
title Kernel-mode File Monitoring on Windows Mobile Device
publishDate 2009
url http://ndltd.ncl.edu.tw/handle/14958204923350992761