| With the widely use of the internet, Most of the attacks and fraudulent activities on the Internet are carried out by all kinds of malwares. In particular, trojan horse, as one of state-of-the-art malware can build control system. They have become a primary "platform"for attacks on the Internet. Trojan horse are now used for information and security attacks,spam, phishing, information theft, etc. A trojan horse is a network of compromised computers that are under the control of an attacker through some command and control channel. It typically contains tens to hundreds of thousands of bots, but some even had several millions of bots. With the magnitude and the potency of attacks afforded by their combined bandwidth and processing power, botnets are now considered as the largest threat to Internet security.Counteracting this emerging threat requires better detection and analysis techniques. From this perspective, some key technologies are intensive study in this thesis. It mainly includes:Firstly, the concept of Intelligent Building Management Systems and working mechanism of trojan horse were introduce in this thesis. Security problems about the Intelligent Building Management Systems were proposed,and then the working mechanism of trojan horse was described. The DNS queries traffic of the groups of computers is analyzed by the degree of domain name access and algorithm of cluster analysis. Firstly, the basic concept of the intelligent building management systems and the application range of information security in the Internet are described. Meanwhile, the working mechanisms of trojan virus technology and the impact on the Internet security.Secondly,communication behavior pattern of trojan horse is analysised in the environment of modern internet, especially most of allabove all the trojan the main trend in the world today, and the communication protocol of trojan horse is discussed. We explained the communication and connection mode of port reverse trojan horse especially in the mode of internet. Then, the features of trojan horse communication behavior are analyzed on the basis of base on the analysis before .Thirdly, the security problems of modern Intelligent Building Management Systems described in the thesis, in the modern environment of the internet are illustrated in this paper.This papern proposes several characteristics about the concept of C-F model. It also describes the working principle of the C-F model and the extensive applications of the C-F model Character. The feature of trojan horse communication features were synthesis by the C-F model.The mothed of detection trojan horse were proposed base on the knowledge. The mechanism of the technique were describe in the paper. The detection system of trojan horse were established. The infrastructure of the trojan horse detection system are identified. The Knowledge base of the trojan horse communication behavior were upbuild in this infrastructure, the inference strategy were perfect in the detection system base on the basis theory of C-F model. The inference strategy can be set up in the detection system. The malware maybe existence in the Intelligent Building Management Systems can be find by this machine processed procedure, and the last result can be obtained.Finally, the result of the typical trojan horses were detection were receive by the means description in the paper this result is better than the system of the method that only use single character in the system. The analysis results by the typical sample show that the efficient and effective relative to other method. |
PDF Full Text Request