Trojan Attack Prevention Technology

Posted on:2008-01-22

Degree:Master

Type:Thesis

Country:China

Candidate:Z H Wang

Full Text:PDF

GTID:2208360215477001

Subject:Computer technology

Abstract/Summary:

PDF Full Text Request

Trojan has great destructivity ,can be easily hidden,has become one of the main method to attack computer information systems. Trojans have brought much more serious damages and losses of information .It has made great threaten to the security of computer information systems,so the research of anti-trojan has already become the hotspot and the main emphasis in the area of information security.In the thesis,Trojan was thorough researched and analyzed. The main work done as follows:1.We summarize the conception,the main characteristic,the infect method,the notice method of Trojan Horse.2.We analyze the hide mechanism of Trojan in Windows systems. We analyze thorough the hide mechanism of Trojan in run-form,communicate-form,startup-form and the file in host disk.3.We analyze the hide mechanism of BO2K and Nethief Trojan,give emphasis on the hide mechanism of the BO2K in run-form and Nethief in communicate-form in allusion to the firewall.4.We analyze the limits of the popular detecting method of Trojan Horse by static characteristics,point out that the detecting method of Trojan has the drawback to detect for the unknown Trojan, can not detect them ,can not adapt to the confront-detect techniques for the known Trojan.The bility to detect Trojan depends on the static characteristics warehouse of Trojan in the detection system.5.At the basis of research on the hide mechanism of Trojan and detecting method of Trojan by static characteristics,we give a Trojan intrusion detection-defence system framework based on dynamic behavior of Trojan and static characteristics of Trojan。Based on the detect-defence method of Trojan by static characteristics and by the dynamic behavior,it implements the defense of Trojan by controlling the resources of the infection,hide and malice action of Trojan,implements the detecting of Trojan by watching the Registry,the system file and system directory,the map between port and process and the call of suspect Windows API ,and by filtering the communication information of system.

Keywords/Search Tags:

Trojan Horse, Trojan, Computer information security, Trojan detecting, Trojan defencing

PDF Full Text Request

Related items

1	Research On Hiding Technology Of DLL Trojan Horse
2	Research And Practice Based On Survivability Of Trojan Horse
3	The Operating Principle Of Trojan Horse And Technical Study On Defence Against Trojan Horse In Campus Network
4	Trojan Horse Attacks And A New Type Of Trojan Detection Technology
5	Research On Attack And Defense Of Trojan Horse
6	Trojan Horse Principle Analysis And Project
7	Research On Detection Techniques Of Instruction-triggered Hardware Trojan Horse
8	Hardware Trojan Detection Technology Based On Power Side Channel
9	Research On Computer Remote Control Technology
10	Research On Trojan Horse Detection Technology Based On Communication Behavior Analysis