Research And Implementation Of Trojan Detection System Based On Behavior Monitoring

Along with the rapid development of Internet technology and computer network applications more widely, the network has brought great convenience to people’s lives, it also brings a variety of security issues, including Trojans began with the development of the network in the network flooding, damage to computer systems, has increasingly become one of the largest network of hazards faced by the majority of users, and therefore the research of new method for detecting Trojans fast and efficient has the great significance.In this paper, firstly through the analysis of popular Trojan’s operation of the Internet, Trojan behavioral characteristics were summarized by analyze Trojan stage of implantation, the operational phase, networking and self-protective stage. Then on this basis proposes to make a Trojan attack tree by Trojan behavioral characteristics and combined with fuzzy optimization evaluation model to determine the number of triangular fuzzy TOPSIS-based implementation, and finally realized the Trojan detection system.The paper’s main tasks include the followings:(1)Research the popular Trojan technology and Trojan detection technology. Describes the advantages and disadvantages of mainstream Trojan detection technology, which focuses on behavior-based monitoring of Trojan detection technology.(2) Design a Trojan detection method based on behavioral monitoring and triangular fuzzy evaluation of TOPSIS:By extracting suspicious behavior monitoring program behavior characteristics, the behavioral characteristics of suspicious program behavior characteristics to match with the Trojan, and then build the tree and Trojan attacks combined with triangular fuzzy evaluation model based on the number of TOPSIS achieve Trojan behavior.(3) Design the framework of Trojan detection system based on behavior monitoring by using the theory of Trojan detection method that based on behavior monitoring. And describes in detail the implementation of the principle of behavior-based monitoring of each module Trojan detection system, and finally carried out experiments to test the system.