Research On Attack And Defense Of Trojan Horse

With the rapid development of Internet technology, Internet has infiltrated every walk of life, it is used widely. Internet not only brings us vast quantities of information quickly and conveniently, but also brings us a lot of security problems. Trojan horse has became an important means of network attack, because of the characteristics of remote controlled and concealment. Therefore, it is important to study Trojan's principle of operation, the methods of injection, the ways of automatic running, concealment technology and Trojan's functions. Researching through Trojan Horse Technology, we can provide a basis for Trojan Horse Detection. At the same time, building a Trojan Horse Detection system is the most effective methods of preventing from Trojan horse attacking the computer. And it is the sinews of network information security.The paper systematically has analyzed the operation principle of the Trojan horse, principle of injecting, automatic running technology, concealment technology and Trojan horse preventing technology. Base on the study of the Trojan horse key technology, we accomplish a Trojan horse system which against formatting. The structure design of system, systematic function module design, hidden processes module design, hidden file module design, communication concealment module design are described in detail. Systematic function module includes dynamic module, proxy server module, file transmission module, recorded keyboard module, searched for file module, infected U-Disk module, against formatting module. Every module describes its operating principle and flow chart.The Trojan horse key technology includes Winsock2 SPI technology, SSDT Hooking technology, and against formatting technology which is based on MBR. The key technology illustrates basic knowledge on the key technology and its implement principle. Next on the base of the key technology, we successfully implement the communication concealment module, hidden processes module and against formatting module.Finally the paper proposes the related solution and concrete measures for Trojan horse attack, which is based on researching Trojan horse technology. The paper proposes the measures from the perspective of user using network customs, anti-virus software and firewall. And it also analyses the development trend of Trojan horse defense technology.