| 主流木马技术分析及攻防研究 |
| |
| 引用本文: | 胡燕京,张冰,王海义,张丽琼.主流木马技术分析及攻防研究[J].现代电子技术,2007,30(13):96-100. |
| |
| 作者姓名: | 胡燕京 张冰 王海义 张丽琼 |
| |
| 作者单位: | 武警工程学院,陕西,西安,710086 |
| |
| 摘 要: | 对当前主流的木马技术原理进行了深入的剖析,对主流木马的基本功能、隐藏机制和传播途径进行了研究,对主流木马使用的两种技术——API HOOK技术和SPI技术进行了细致地分析,根据新型木马实现隐藏的机制,提出了相关检测和清除的技术,探索出了一种新型木马的检测和清除方法。最后总结出了可以对新型木马实施清除的有效方法,实现了利用迭代比较法查杀木马的示例软件。
|
| 关 键 词: | 远程线程插入技术 路径分析法 迭代比较法 木马技术 |
| 文章编号: | 1004-373X(2007)13-096-05 |
| 收稿时间: | 2006-12-06 |
| 修稿时间: | 2006-12-06 |
Research on Mainstream Trojan Horse and Its Attacking- defending Technology |
| |
| HU Yanjing,ZHANG Bing,WANG Haiyi,ZHANG Liqiong.Research on Mainstream Trojan Horse and Its Attacking- defending Technology[J].Modern Electronic Technique,2007,30(13):96-100. |
| |
| Authors: | HU Yanjing ZHANG Bing WANG Haiyi ZHANG Liqiong |
| |
| Abstract: | In this paper,the current mainstream Trojan horse technology principle is analyzed in depth and the new style Trojan horse hiding mechanism is analyzed as well.We study the basic function,the hide mechanism and spread route of mainstream Trojan horse.We focus on API HOOK technology and SPI technology and bring forward correlation examine and clear technology.Finally,we put forth an effective method to examine and clear the new style Trojan horse and apply iterative-comparative method in developing a demonstration software. |
| |
| Keywords: | remote-threading inserting technology path-analyzing method iterative-comparative method Trojan horse technology |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
