Trojan

About: Trojan is a research topic. Over the lifetime, 2028 publications have been published within this topic receiving 33209 citations.

Big data discovery based bot Trojan virus detection and control method

Abstract: The invention aims to provide a big data discovery based bot Trojan virus detection and control method, which specifically comprises the steps of collecting spreading websites so as to acquire a virus sample, analyzing virus characteristics of an infected server, prompting an infected user, and tracking and preventing a control source. According to the invention, trusted domain names are filtered through a white list, analysis is carried out on an attack source of a suspicious domain name, and finally a remote control terminal address of a hacker-controlled computer is recognized through an attack source hacker-controlled computer. Statistical analysis data is recorded to a virus database after analysis, and tracking analysis is carried out on a botnet and viruses. Meanwhile, the suspicious domain name is forwarded, thereby avoiding a host from being infected by Trojan viruses in access of users.

Trojan horse detection method based on terminal traffic

Abstract: The invention provides a trojan horse detection method based on terminal traffic. The method comprises the steps of capturing data traffic information, analyzing time period traffic, analyzing uplink data traffic and downlink data traffic of a terminal, conducting approval matching between the data traffic which is analyzed intelligently and communication white list data, and detecting the correctness of a terminal traffic data packet. According to the trojan horse detection method based on the terminal traffic, the situation that when a conventional trojan horse detection means according to existing feature codes, samples, malicious codes and the like in the prior art is used, trojan horses which are highly hidden, incapable of being killed, capable of conducting irregular communication and being injected through system program files and the like can not be found or killed in time is changed; by means of the trojan horse detection method based on the terminal traffic, the terminal data traffic can be monitored in real time, whether traffic data generated by a program are abnormal is determined through a multi-dimensional detection model, deep detection of variant trojan horses or advanced trojan horses or residual trojan horses is achieved, the safety of a computer is improved, the false alarm rate is lowered, and the accuracy of trojan horse positioning is improved.