Detection of Trojan horse by Analysis of System Behavior and Data Packets

Authors
Abuzneid, Abdelshakour A.
Gudipati, Vamshi Krishna
Kumar, Varun
Vetwal, Aayush
Adeniyi, Anjorin
Issue Date
2015-03-27
Type
Presentation
Language
en_US
Keywords
Trojan virus, Windows operating system, Virus detection, Computer science
Abstract
The Trojan horse is said to be one of the most serious threats to computer security. A Trojan horse is an executable file in the Windows operating system. These executable files have certain static and runtime characteristics. Multiple Windows system processes are called whenever a Trojan horse tries to execute any operation on the system. In this paper, a new Trojan horse detection method that uses Windows dynamic link libraries to identify system calls from a Trojan horse is explicated. Process Explorer is used to identify the malicious executable and to determine whether it is a Trojan or not. Further, an attempt is made to study the network behavior after a Trojan horse is executed, using Wireshark.