Research On Trojan Horse Attack And Hiding Technology

With the wide spread of the internet, mankind is stepping into the Information Era. Information has become an increasingly more valuable resource of mankind, and the network war will become one of the crucial forms of information war in the future. Trojan horse is a network attack technology which can be used during both war and peace. The network attack can be effected by installing the Trojan horse into the enemies'system to establish a stable inner attack point which will provide a smooth and safe channel for oncoming attacks. The thesis, combining the special requirements of information war and the studies on the Trojan horse attack and hiding technique, introduces a Trojan horse system based on P2P network model.The thesis firstly introduces network attack and Trojan horse technology. One of the biggest difficulties in designing Trojan horse lies in hiding it. After Trojan horse is installed into the target system, designer will utilize several kinds of technologies to hide its tracks as long as possible. Hiding Trojan horse mainly consists of process hiding and communication hiding. In the thesis, a new method of process hiding of Trojan horse is designed. It utilizes DLL trapping on the interface of Windows SPI so as to hide the Trojan horse without process. As for communications hiding, the P2P technology, which replaces the traditional network model controlled by Trojan horse, establishes Trojan horse communication agreement under P2P environment to improve the hiding communication of Trojan horse-controlling system so that the stability of the system can be ensured.Further to the theories in the thesis, Trojan horse controlling system based on database is implemented completely. The design of modularization enables convenient updating and expansion of the system in the future. Testing results and analysis are stated in the thesis after several detailed sample tests were processed. The results show that the server of Trojan horse can withstand the firewalls and anti-virus software. The combination of process hiding technology and P2P network-controlling model effectively enhance the hiding capability and stability of Trojan horse control. Therefore, a wide application can be foreseen in the fields of network attack technology.As the end of the thesis, all work involved are summarized and prospect is raised for future study.