| 摘 要: 规范企业PC用户的行为使之符合安全性、有用性的要求,借助技术手段收集用户的行为是一种行之有效 的方式。分析基于Windows内核技术,实现对用户上网行为、进程操作、文件的读写、删除和重命名进行收集。采用 C/S架构,在服务器端文件记录客户端访问的网站信息和进程操作信息,方便对历史记录进行查询,完全基于内核,无 进程也无DLL支持,可靠性和安全性高。 |
| 关键词: Windows内核;进程操作;上网行为;文件行为 |
|
中图分类号: TP309
文献标识码: A
|
|
| A Solution for User Behavior Collection Based on Windows Kernel |
|
ZHAO Xiaohua,ZHAO Shusheng
|
( Shangqiu University Applied Science and Technology College, Kaifeng 475000, China)
|
| Abstract: To standardize the behaviors of enterprise PC users to meet the requirements of security and usefulness,it is an effective way to collect users' behaviors by means of technology.Based on Windows kernel technology,this paper implements the collection of user online behaviors and process operation,file reading,writing,deleting and rename. C/S architecture is used to record client's access to web site information and process operation information in server side files,so as to facilitate queries on historical records.It is based on kernel with no process and no DLL support as well as high reliability and security. |
| Keywords: Windows kernel;process operation;online behavior;file behavior |
