Software for Computer Systems Trojans Detection as a Safety-Case Tool
暂无分享,去创建一个
This paper presents a behavioural model of Trojans which formalizes the features of Trojans performance in computer systems. The Trojans behavioural model represents its life cycle including three stages: penetration, activation and executing destructive actions. Software for Trojans detection was developed. It is based on methods of detection in ‘monitor’ and ‘scanner’ modes. Trojans detection in monitor mode is based on a novel technique for computer system Trojans detection which uses fuzzy logic. It enables a conclusion about the degree of danger of infecting the computer system with Trojans. Trojans detection in a scanner mode is based on a novel technique for constructing the protected sequences and generation of detectors based on algorithms for artificial immune systems. It allows to reveal the fact of system files substitution of Trojans’ versions. Trojan detection software allows to detect new Trojans with high degree of reliability and efficiency.
[1] Leandro Nunes de Castro,et al. Artificial Immune Systems: A New Computational Approach , 2002 .
[2] Michael Erbschloe. Trojans, Worms, and Spyware: A Computer Security Professional's Guide to Malicious Code , 2004 .
[3] Oleg Savenko,et al. Behavioral Trojans Model , 2007 .