Access the full text.
Sign up today, get DeepDyve free for 14 days.
Loading next page...
/lp/inderscience-publishers/a-dynamic-backdoor-detection-system-based-on-dynamic-link-libraries-eA5xDfd4hN
- Publisher
- Inderscience Publishers
- Copyright
- Copyright © Inderscience Enterprises Ltd. All rights reserved
- ISSN
- 1751-200X
- eISSN
- 1751-2018
- DOI
- 10.1504/IJBSR.2008.020577
- Publisher site
- See Article on Publisher Site
Abstract
We present a two-layer backdoor detection system in the article. In the first-layer, Zhang and Paxson's method is applied to identify keystroke interactive connection from network traffic. In the second-layer, we adopt the Dynamic Link Library (DLL) injection technique to record all DLLs employed by the programme that evokes such interactive connection. Compared the recorded data with some pre-defined Common Feature Tables, the second-layer can then determine whether the monitored programme is a backdoor. By experiments, the best result of our system got 94.44% detection rate while False Positive was zero. In the case, the overall accuracy was 97.22%.
Journal
International Journal of Business and Systems Research – Inderscience Publishers
Published: Jan 1, 2008