Method and system for recall Trojan horse control site network behavior function reconstruction

A technology of control terminal and Trojan horse, which is applied in the field of control and analysis of Trojan horse and Trojan horse, can solve the problems of difficult analysis and high risk, and achieve the effect of preventing self-destruction, reducing possibility and convenient identification

Inactive Publication Date: 2014-01-01
WUXI CINSEC INFORMATION TECH
View PDF2 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In view of the shortcomings of the prior art described above, the purpose of the present invention is to provide a method and system for rebuilding the network behavior function of the rebounding Trojan horse control terminal, which is used to solve the problems of difficult analysis and high risk in the analysis of the rebounding Trojan horse program in the prior art. question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for recall Trojan horse control site network behavior function reconstruction
  • Method and system for recall Trojan horse control site network behavior function reconstruction
  • Method and system for recall Trojan horse control site network behavior function reconstruction

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031]Embodiments of the present invention are described below through specific examples, and those skilled in the art can easily understand other advantages and effects of the present invention from the content disclosed in this specification. The present invention can also be implemented or applied through other different specific implementation modes, and various modifications or changes can be made to the details in this specification based on different viewpoints and applications without departing from the spirit of the present invention.

[0032] The purpose of the present invention is to provide a method and system for reconstructing the network behavior function of the rebounding Trojan horse control terminal, which is used to solve the problems of difficult analysis and high risk in the analysis of the rebounding Trojan horse program in the prior art. The principle and implementation mode of the method and system of a kind of rebound Trojan horse control terminal netwo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and system for recall Trojan horse control site network behavior function reconstruction. The system comprises a secret shield disassembling analyzing module, a secret shield multi-path analyzing module and a secret shield Trojan horse control site generating module. The secret shield disassembling analyzing module analyzes a recall Trojan horse executive program by means of a static semantic analysis method so as to form a complete recall Trojan horse assembly code and obtain a code algorithm and a secret key material. The secret shield multi-path analyzing module obtains code execution path parameters, analyzes and constructs all possible paths, obtains detail information of network visiting and network function calling in the recall Trojan horse execution process and executes the paths. The secret shield Trojan horse control site generating module generates recall Trojan horse control site function program segments according to a generated encrypted secret key and the detail information of network visiting and network function calling, simulates a recall Trojan horse control site to respond to a recall Trojan horse request, finishes encrypted data verification and generates a report capable of reflecting recall Trojan horse control site network behavior functions. The method and system can safely and effectively reconstruct important functions of recall Trojan horse control site network behaviors.

Description

technical field [0001] The invention relates to the technical field of Trojan horses, in particular to the technical field of control and analysis of Trojan horses, in particular to a method and system for rebuilding network behavior functions of a control terminal of a rebounding Trojan horse. Background technique [0002] A rebound Trojan is a service program that resides in the user's computer, while the attacker controls the corresponding client program. The service program opens the connection resources of the user's computer through a specific port. Once the client program mastered by the attacker sends a request, the rebounding Trojan will connect with him and steal the user's information. [0003] After analyzing the characteristics of the firewall, the rebound port Trojan found that: the firewall often performs very strict filtering on incoming links, but neglects to prevent outgoing links. Therefore, contrary to general Trojan horses, the server (controlled end) ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26
Inventor 耿振民
Owner WUXI CINSEC INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap