计算机科学与应用

Vol.5 No.12 (December 2015)

木马检测与防护技术的发展
Study of Trojans Detection and Prevention Technology

 

作者:

吴少华 , 胡勇 :四川大学电子信息学院,四川 成都

 

关键词:

木马伪装技术进程隐藏通信协议免杀木马检测Trojan Masquerading Technology Process Hidden Communication Protocol Avoid Killing Trojan Detection

 

摘要:

通过对大量当前流行的windows木马程序进行逆向,分析木马在伪装技术、程序隐藏方式、进程隐藏方式、通信方式和免杀手段上所使用的各种技术,并结合当前主流的安全软件对木马的检测效果和检测方式,提出对抗木马新技术的方法。

Based on reverse analysis of many current popular Windows’ Trojans behavior, the new technolo-gies used by Trojans were summarized, including program hidden, process hidden, communication pattern and means to avoid killing. Combined with the current mainstream security software to detect the Trojan, some new technologies and opinions against the Trojan threat were present.

文章引用:

吴少华 , 胡勇 (2015) 木马检测与防护技术的发展。 计算机科学与应用, 5, 429-435. doi: 10.12677/CSA.2015.512054

 

参考文献

分享
Top