Troy Wooden Mark Survivability Technology Research And Implementation

Along with the development of information security technology, informationwarfare has entered the white-hot state. Information increasingly become a country’slifeblood, became one of the resources which various countries leap to the race to. In theinformation warfare, steal enemy information, destroying the enemy information system,become the key to conquer. Trojan horse, as a strong weapon in the information warfare,has important strategic significance while constantly improving the survivability.Influence Trojan horse the ability to survive factors includes: the hidden way,communication, start way, expansion ability, etc. This article from the four parts,research how to strengthen the Trojan horse and realize the ability to survive.This thesis describes several factors that impact the Trojan horse survivability.Based on previous analysis of existing hiding and detecting technologies for Trojanhorse, this thesis introduces a brand new hiding methodology with SPI. By the use ofthe SPI technology to realize the Trojan process hiding and start way hidden. Throughvarious methods of communication research, the thesis puts forward the HTTP tunneltechnology in the advantage of the Trojan communication, and proposed in thisfoundation the Multi-Web-Proxy thoughts. Multi-Web-Proxy is a kind of newcommunication model and explored for the multipurpose use of HTTP channeltechnology, Web Proxy technology, and Multi-Proxy technology. It does good job andwould solve several problem like IP blockade, instable network and protocol filteringetc. Use HTTP protocol and Web Proxy on communication, can enhancecommunications channel deceptive; the use of Multi-Proxy technology, can enhance theTrojan horse communications channel survival ability.This thesis also focuses on a variety of self protection solutions to improve thesurvival ability of Trojan horse which mainly reflected in self protection and theprotection on Proxy.This thesis enhances the Trojan horse information-obtaining capacity, developmentability, and strengthened the control to host by studying Mobile storage equipment infection technology, and interactive CMDShell.Based on the implementation of several techniques mentioned above, thesurvivability of Trojan horse is greatly improved. After test, the effect of operation ismuch better than others in the actual network environment.