• DocumentCode
    2756254
  • Title

    Prototype Demonstration: Trojan Detection and Defense System

  • Author

    Liu, Ting ; Guan, Xiaohong ; Zheng, Qinghua ; Lu, Ke ; Song, Yuanfeng ; Zhang, Weizhang

  • Author_Institution
    Sch. of Electron. & Inf. Eng., Xi'an Jiaotong Univ. Xian, Xi'an
  • fYear
    2009
  • fDate
    10-13 Jan. 2009
  • Firstpage
    1
  • Lastpage
    2
  • Abstract
    This paper presents a novel Trojan detection and defense system. The prototype searches the important files which contain users' confidential information on the disk. And then, these files will be monitored to find which processes will access them by capturing and analyzing the IRPs (I/O request packets). The processes of Trojans will be distinguished from regular ones by evaluating their API-calls with several machine-learning models, rather than traditional signature-based mechanism. Testing results show that this prototype could detect and defend the unknown Trojans quickly and accurately.
  • Keywords
    application program interfaces; invasive software; learning (artificial intelligence); API-calls; I/O request packet; Trojan detection; defense system; machine learning; user confidential information; Computerized monitoring; Consumer electronics; Data security; Databases; Design engineering; Information security; Invasive software; Prototypes; Radial basis function networks; Testing;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Consumer Communications and Networking Conference, 2009. CCNC 2009. 6th IEEE
  • Conference_Location
    Las Vegas, NV
  • Print_ISBN
    978-1-4244-2308-8
  • Electronic_ISBN
    978-1-4244-2309-5
  • Type

    conf

  • DOI
    10.1109/CCNC.2009.4785028
  • Filename
    4785028