摘要
木马病毒是目前感染计算机最严重的病毒,也是黑客进行网络攻击的重要工具.木马的危害性极大,窃取用户私密信息,威胁人民财产安全.通过分析木马的攻击原理,详细阐述木马的多种隐藏方式及发现技术,采用软件Autoruns、狙剑及Fport进行木马发现仿真实验,实验表明该软件可以成功检测出自启动运行的木马,修改系统服务描述符表的木马和修改动态链接库文件的木马,为进一步清除计算机中的木马病毒奠定基础.
Trojan virus is the most serious virus infected computer at present, and it is also an important tool for hackers to attack network. Based on the great harmfulness, stealing private information, threatening people's property safety, this paper analyzes the attack principle of Trojan, elaborates the technology of Trojan hidden and found, and use Autoruns and Fport softwares to find Trojan through simulation experiments. The experiments show that the software can successfully detect Trojan from starting up operation,modifying system service description table and modifying dynamic link library files, so as to lay a foundation for cleaning Trojan virus in computer.
作者
任皓
刘敏超
REN Hao;LIU Min-chao(Department of Computer, Chinese PLA General Hospital, Beijing 100853, P.R.C.)
出处
《中国数字医学》
2019年第6期76-78,共3页
China Digital Medicine
基金
医疗大数据共享服务平台的研发(编号:2017MBD-029)~~
