Unlock instant, AI-driven research and patent intelligence for your innovation.

Trojan detection method and apparatus thereof

A Trojan horse, undetected technology, applied in the field of communications, can solve problems such as inability to detect Trojan horses

Active Publication Date: 2014-08-27
NSFOCUS INFORMATION TECHNOLOGY CO LTD
View PDF4 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The embodiment of the present invention provides a method and device for Trojan horse detection to solve the problem that the existing technology cannot effectively detect Trojan horses existing in the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Trojan detection method and apparatus thereof
  • Trojan detection method and apparatus thereof
  • Trojan detection method and apparatus thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] Since there is a Trojan heartbeat detection in almost all sessions initiated by a Trojan horse, it is possible to detect whether the session is a session initiated by a Trojan horse by detecting whether there is a Trojan horse heartbeat detection in a session. And, because in the session that Trojan horse initiates, the message that control terminal sends to the controlled end as Trojan horse control order also has some special characteristics, therefore can be checked whether the message in a conversation conforms to the message of Trojan horse control command message. feature to detect whether the session is a session initiated by a Trojan horse. In the embodiment of the present invention, the Trojan horse is detected by combining the Trojan horse heartbeat detection and the Trojan horse control command, so that the Trojan horse existing in the network can be detected, and the false alarm rate is reduced, so the Trojan horse existing in the network can be effectively d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A trojan detection method and device, used to solve the problem in the prior art of being unable to effectively detect a trojan in a network, the method comprising: when a trojan heartbeat is detected in a session, according to whether the trojan heartbeat detection frequency is fixed, increasing the recorded session weight by a corresponding weight and recording the increased weight, and checking whether each packet transmitted from a controlling end to a controlled end complies with the characteristics of a trojan control command packet; if yes, then increasing by a third weight onto the recorded session weight and recording the same, and when the session weight reaches an alarm threshold, generating an alarm to notify that the session is initiated by a trojan. An embodiment of the present invention achieves trojan detection by detecting the packet in the session, thereby the trojan in a network can be detected. The detection to the packet in the session is not simply string matching, thus reducing false alarm rate and effectively detecting the trojan in the network.

Description

technical field [0001] The invention relates to the field of communication technology, in particular to a method and device for detecting a Trojan horse. Background technique [0002] With the continuous popularization of Internet technology, network security issues have become increasingly prominent, especially the proliferation of Trojan horse programs, which directly lead to the illegal theft and destruction of various important information. At present, the Trojan horse program has become a common tool for network attackers to carry out attacks. The attacker obtains the control authority of the target host through the Trojan horse program, and steals important information such as user accounts and passwords. Therefore, how to detect Trojans, and to block and protect them has become an urgent problem to be solved. [0003] In the prior art, the method for Trojan horse detection is: match the characteristics of the local file generated by a certain program, such as feature...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/26
CPCH04L63/1416H04L63/14H04L63/1408
Inventor 段宇璇程利军韩鹏
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD