Abstract
Nowdays we are more and more concerned with the security of networks for it is vulnerable for the Internet to be attacked. Trojan horses are dangerous tools to attack the Internet. Particularly, there are numerous Trojan horses for Windows system and some new Trojan horses are created almost everyday. In this paper, we address the problem of Trojan horse detection and present a new method to detect Trojan horses. By this method, we monitor the packages transmitted by a computer in real-time, identify the ports through which the packages are transmitted. With the port number known and the information provided by the operation system, we then find the process that sends the packages through a port and the program file that creates the process is traced. In this way, we link the port being used to the corresponding process. By doing so, we can detect not only the known Trojan horses with more accuracy, but also detect new Trojans. This approach is implemented in Window system. Experiments have been carried out and results show the effectiveness of the method.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
