資源描述:
《畢業(yè)設(shè)計(論文)-一種通過通信隱藏手段而設(shè)計的木馬》由會員上傳分享���,免費在線閱讀��,更多相關(guān)內(nèi)容在學(xué)術(shù)論文-天天文庫��。
1�、591論文網(wǎng)www.591LW.com一種通過通信隱藏手段而設(shè)計的木馬摘要近年來�,特洛伊木馬等惡意代碼己經(jīng)成為網(wǎng)絡(luò)安全的重要威脅�����。很多國家都采取積極的網(wǎng)絡(luò)安全防御措施,投入大量的人力和物力研究網(wǎng)絡(luò)信息安全技術(shù)。文章首先分析了傳統(tǒng)木馬的一般工作原理及其植入��、加載��、隱藏等關(guān)鍵技術(shù)���。隨著網(wǎng)絡(luò)技術(shù)的不斷更新和發(fā)展��,木馬技術(shù)也在不斷地更新?lián)Q代,現(xiàn)代木馬的進(jìn)程隱藏和通信隱藏等等都發(fā)生了變化�。進(jìn)程的隱藏和通信的隱藏一直是木馬程序設(shè)計者不斷探求的重要技術(shù)��。攻擊者為達(dá)到進(jìn)程隱藏的目的�,采用遠(yuǎn)程線程和動態(tài)鏈接庫,將木馬作為線程隱藏在其他進(jìn)程中�。選用一般安全策略都允許的
2、端口通信,如80端口���,則可輕易穿透防火墻和避過入侵檢測系統(tǒng)等安全機制的檢測,從而具有很強的隱蔽性��。本文研究了如何將Windows環(huán)境下的動態(tài)鏈接庫(DLL)技術(shù)與遠(yuǎn)程線程插入技術(shù)結(jié)合起來實現(xiàn)特洛伊木馬植入的新方案�����。在該方案中��,提出了特洛伊木馬程序DLL模塊化,并且創(chuàng)建了獨立的特洛伊木馬植入應(yīng)用程序��,將木馬程序的DLL模塊植入宿主進(jìn)程�����。實驗結(jié)果證明該方案能實現(xiàn)的木馬植入��,具有很好的隱蔽性和靈活性���。關(guān)鍵詞:特洛伊木馬����;動態(tài)連接庫��;進(jìn)程插入�����;遠(yuǎn)程線程591論文網(wǎng)www.591LW.comTheDesignandImplementationofTrojan
3�、HorsesBaseonProcessHidingandCommunicationsHidingAbstractInrecentyears,maliciouscodesincludingTrojanhavethreatenednetworkinformationsecurity,andmoreandmorecountriespaidattentiontotakeactivemeasurestoprotectthenetwork,andspentalotinresearchtodevelopnetworkinformationsecuritytech
4、nologymentallyandmaterially.Thispaperfirstlyanalysesthebasicprinciple,entrytechnology,loadtechnologyandhidingtechnologyoftraditionalTrojanhorse.Withthedevelopmentofnetworktechnology,Trojanhorsetechnologyisupgradingconstantly.ModernTrojanhorseischangedinprocesshidingandcommunic
5���、ationhiding.TheprocesshidingandcommunicationshidingareimportanttechnologybeingexploredbyTrojanhorseprogrammersalllong.Adoptingthemeasureofdynamiclinkstorage,andRemoteThreadtechnology,andhidingTrojanhorsebehindtheotherprocessesasathreadprogram,itiseasytohide.Choosingtheportcorr
6��、espondencewhichispermittedbyalmostalltheordinarysecuritypolicy,likes80port,mayeasilypenetratethefirewallandavoidtheexamineofsecuritysystemsasinvasion-checkingmechanismsandsoon.Thus,ithasaverystrongcovered.ThispaperisimplementedtheinjectionofTrojanhorsebycombiningthetechnologyo
7��、fDLL(dynamiclinkinglibrary)andofremotethreadinjectionontheWindowsplatform.Inthispaper,modularizationofTrojanhorseprocessisproposedtocreateanindependentTrojanhorseinjectionprocess,thus,toinjectTrojanhorseDLLmoduletothehostprocess.Experimentalresultsshowthattheprogramcouldrealiz
8�、etheTrojaninjectedwithgoodcoveredandflexibility.KeyWords:Troj
