DocumentCode
2756254
Title
Prototype Demonstration: Trojan Detection and Defense System
Author
Liu, Ting ; Guan, Xiaohong ; Zheng, Qinghua ; Lu, Ke ; Song, Yuanfeng ; Zhang, Weizhang
Author_Institution
Sch. of Electron. & Inf. Eng., Xi'an Jiaotong Univ. Xian, Xi'an
fYear
2009
fDate
10-13 Jan. 2009
Firstpage
1
Lastpage
2
Abstract
This paper presents a novel Trojan detection and defense system. The prototype searches the important files which contain users' confidential information on the disk. And then, these files will be monitored to find which processes will access them by capturing and analyzing the IRPs (I/O request packets). The processes of Trojans will be distinguished from regular ones by evaluating their API-calls with several machine-learning models, rather than a traditional signature-based mechanism. Testing results show that this prototype could detect and defend the unknown Trojans quickly and accurately.
Keywords
application program interfaces; invasive software; learning (artificial intelligence); API-calls; I/O request packet; Trojan detection; defense system; machine learning; user confidential information; Computerized monitoring; Consumer electronics; Data security; Databases; Design engineering; Information security; Invasive software; Prototypes; Radial basis function networks; Testing;
fLanguage
English
Publisher
IEEE
Conference_Titel
Consumer Communications and Networking Conference, 2009. CCNC 2009. 6th IEEE
Conference_Location
Las Vegas, NV
Print_ISBN
978-1-4244-2308-8
Electronic_ISBN
978-1-4244-2309-5
Type
conf
DOI
10.1109/CCNC.2009.4785028
Filename
4785028