Trojan Horse is said to be one of the most serious threats to computer security. A Trojan Horse is an executable file in the Windows operating system. This executable file will have certain static and runtime characteristics. Multiple system processes in the Windows OS will be called whenever a Trojan Horse tries to execute any operation on the system. In this paper, a new Trojan Horse detection method by using Windows Dynamic Link Libraries to identify system calls from a Trojan Horses is explicated. Process explorer is used to identify the malicious executables and to determine whether they are Trojans or not. Further, an attempt made to study the network behavior after a Trojan Horse is executed using Wireshark.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.