Title :
Prototype Demonstration: Trojan Detection and Defense System
Author :
Liu, Ting ; Guan, Xiaohong ; Zheng, Qinghua ; Lu, Ke ; Song, Yuanfeng ; Zhang, Weizhang
Author_Institution :
Sch. of Electron. & Inf. Eng., Xi'an Jiaotong Univ. Xian, Xi'an
Abstract :
This paper presents a novel Trojan detection and defense system. The prototype searches the disk for important files that contain users' confidential information. These files are then monitored to find which processes access them, by capturing and analyzing the IRPs (I/O request packets). The processes of Trojans are distinguished from regular ones by evaluating their API calls with several machine-learning models, rather than with a traditional signature-based mechanism. Testing results show that this prototype could detect and defend against unknown Trojans quickly and accurately.
Keywords :
application program interfaces; invasive software; learning (artificial intelligence); API-calls; I/O request packet; Trojan detection; defense system; machine learning; user confidential information; Computerized monitoring; Consumer electronics; Data security; Databases; Design engineering; Information security; Invasive software; Prototypes; Radial basis function networks; Testing;
Conference_Title :
Consumer Communications and Networking Conference, 2009. CCNC 2009. 6th IEEE
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-2308-8
Electronic_ISBN :
978-1-4244-2309-5
DOI :
10.1109/CCNC.2009.4785028