%0 Journal Article
%T Preventing code injection attack with hook in kernel mode
利用核心态钩挂技术防止代码注入攻击
%A ZHU Ruo-lei
%A
朱若磊
%J 计算机应用
%D 2006
%I
%X To prevent code injection attack,it is necessary to monitor involved API(Application Programming Interface) by hooking them.Because there exists rigid process isolation in Windows NT,hooking these APIs must be done in kernel mode.A relatively simple way to do this was introduced.It is proved that in Windows XP the way to hook API in kernel mode can efficiently prevent code injection attack.
%K eode injection
%K hook
%K kernel mode
代码注入
%K 钩挂
%K 核心态
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=831E194C147C78FAAFCC50BC7ADD1732&aid=876980C71D6E3294&yid=37904DC365DD7266&vid=96C778EE049EE47D&iid=9CF7A0430CBB2DFD&sid=93C927FBCA96CB53&eid=7B6F8FF0F7C4CB44&journal_id=1001-9081&journal_name=计算机应用&referenced_num=0&reference_num=6