Recently, reporters tracked several international security companies and found that everyone is paying attention to a common hot spot: Data Integrity protection. As we all know, after most malicious program code is injected into executable files, once the infected files run, the malicious code will start to be executed. Therefore, how to ensure data integrity is currently the main IT security issue. Interestingly, in this field, not only information security enterprises are collected, but some traditional IT vendors are also involved frequently.
Currently, file integrity can be ensured through hash value calculation, digital signature tracking, and file modification tracking. However, the first two methods require over-intensive resources to ensure the integrity of all files on a computer, while the last method is somewhat unreliable: currently, many malicious programs can hide the modification traces of files by modifying the time.
It can be seen that the so-called "standard" Integrity Control method will either consume too much system resources or Miss infected files, which will cause further spread of malicious programs.
According to the reporter's understanding, the latest International Data Integrity Protection Technology can avoid the above shortcomings in the current standards. The new technology allows you to view file integrity reliably and quickly without causing excessive resource consumption.
According to experts, the data integrity protection technology is based on the interception of application requests. These requests modify the timestamps of one or more files. Such requests can be tracked by every file and stored in the database. After the information is collected, it is provided to a special module (usually a module in a security program ), this module compares the changes between timestamp updates and corresponding timestamps. From this change, we can see whether the file is modified and possibly infected. Security programs can scan malicious code of files or display alerts.
With a new generation of data integrity protection technology, the new security product can quickly and reliably track whether files are modified, and this technology can also control anti-virus scanning, to prevent malicious code execution. Previously, the US Network World security columnist wrote that the biggest advantage of this technology is the rapid completion of file scanning with only the minimum consumption of system resources. This technology makes the operation of security gateway, anti-virus software and other products more transparent, thus providing a higher level of security protection.
It is undeniable that the new generation of data integrity protection technology is a significant invention. Its potential power will have a significant impact on the global information security market. This newspaper also sincerely appeals that domestic information security vendors must keep a high degree of attention in order to gain a cup of cake in the future market blowout.