Abstract
Because of their strong concealment, rapid change, and theft of files, Trojan horses have become one of the most damaging attack techniques among the security threats that networked information systems currently face. This article analyzes the technologies and propagation methods that Trojan horses use and examines methods and techniques for analyzing and monitoring them. On that basis, an anti-Trojan horse system is designed and implemented, composed of a gateway-type Trojan horse monitoring and early-warning system based on network information flow and a host-based Trojan horse detection and forensics system.
Source
Information Security and Communications Privacy (《信息安全与通信保密》)
2009, Issue 10, pp. 54-56 (3 pages)
Keywords
Trojan horse
concealment technique
port rebound
anti-Trojan horse