Research And Implementation Of Hidden Communication Technology In Trojans

With the rise of the domestic Internet,communication between computer networks has become an indispensable part of today's society.The development of the Internet has brought great convenience to people's lives and work,and information security issues have also been exposed.Trojans are one of the biggest hidden dangers of network communication security.Using Trojan technology to invade network systems is the most common means of hackers,in order to steal key information of individuals and enterprises,destroy network resources,and make people's production and life.It causes serious harm.Therefore,in-depth research on Trojans can help improve Trojan detection methods,and it is of great significance to prevent Trojan invasion and protect network information security.This topic first systematically explores the basic principles of the Trojan horse program and the technical means that the Trojan mainly uses in the communication process.The hidden technology of Trojan in communication process is introduced.The Trojan hiding method is divided into three parts,process hiding,file hiding and communication hiding,and the main implementation methods of each part are emphasized.Combined with the current mainstream remote thread DLL injection method,a Trojan horse based on the bounce port is designed.The remote thread DLL injection method is used to realize the hidden purpose.The self-starting is realized by modifying the registry,and the ICMP protocol of the ping command is used to achieve the hidden effect of the Trojan communication,and the communication hidden function and the self-function of the Trojan are realized as a whole.The Trojan system of this subject is designed and implemented based on the windows system.It can break through some firewalls and anti-virus software,implant the server,and run normally without occupying system resources to achieve the hidden purpose.Through the analysis and research on the hidden technology and behavior trajectory of Trojan communication,it can have certain significance for the improvement of Trojan detection system and the prevention of malicious programs,and to ensure the communication service and data security of enterprises.