摘要
近几年出现的新型手机木马程序中犯罪嫌疑人手机号码、邮箱账户等信息均经过加密处理,破解这些加密数据是目前面临的取证难点问题。提出了一种手机木马程序的动态检验方法。该方法是将木马程序在一部手机上真实地运行起来,木马运行之后会自动解密数据,解密之后的数据会出现在木马发出的电子邮件和短信之中。自行开发的短信监控软件可以截获木马发出的短信数据,并从中提取出犯罪嫌疑人的手机号码。手机木马动态检验方法可以对新型木马程序实施有效的检验分析。
In a number of new Trojan program,the suspect's phone number,email accounts and other information are encrypted.It is a difficult problem to crack the encrypted data.A dynamic test method for mobile phone Trojan program is presented.In this test,Trojan program is run on a mobile phone,and Trojan will automatically decrypt data.Decryption data will appear in the e-mail and messages sent by Trojans.As long as we capture the data,we can extract the clear text data.The method can be used to extract the suspect's email account and password from the email data sent by Trojan horse.The message monitoring software designed by the author can be used to capture the short message data which is sent by Trojan horse,and extract the suspect's mobile phone number.The dynamic test method of mobile phone Trojan can be used to test the new Trojan horse.
出处
《中国刑警学院学报》
2017年第4期111-116,共6页
Journal of Criminal Investigation Police University of China
基金
辽宁省教育科学"十二五"规划课题(编号:JG14db440)
辽宁省自然科学基金计划项目(编号:2015020091)
公安理论及软科学研究计划课题(编号:2016LLYJXJXY013)
公安部技术研究计划课题(编号:2016JSYJB06)