Title :
Invisible Trojan: an architecture, implementation and detection method
Author :
Beyah, Raheem A. ; Holloway, Michael C. ; Copeland, John A.
Author_Institution :
Commun. Syst. Center, Georgia Inst. of Technol., Atlanta, GA, USA
Abstract :
In this paper, we give an overview of different system-security tools, including several types of intrusion detection systems (IDSs) and host based detection tools. We also discuss, in detail, port scanning and the primary algorithm used in current port-scanning devices. In addition, we discuss the limitations in the current algorithms used in port-scanning devices and exploit these limitations by implementing an invisible Trojan that can elude today´s port scanners. Finally, we discuss defenses against this type of Trojan. This includes: a proposed method that port-scanning devices can implement, as well as general system-security recommendations.
Keywords :
access control; computer crime; computer viruses; data privacy; telecommunication security; IDS; Trojan defenses; Trojan detection method; Trojan implementation; host based detection tools; intrusion detection systems; invisible Trojan architecture; port scanning; system security tools; Computer architecture; Computer networks; Data security; Databases; Educational institutions; Information security; Intrusion detection; Investments; Open source software; Pattern matching;
Conference_Titel :
Circuits and Systems, 2002. MWSCAS-2002. The 2002 45th Midwest Symposium on
Print_ISBN :
0-7803-7523-8
DOI :
10.1109/MWSCAS.2002.1187083
