What Level of Risk Do Trojans Represent

by Marcel Baldwin.
Share
|
Homepage | Submit your article | Contact | TOS
More articles on software  

You are here: Categories » Computers and technology » Software

Trojans can represent a moderate-to-serious level of risk, mainly for reasons already discussed:

  • New Trojans are difficult to detect using heuristic detection. (Unless you use the somewhat sweeping heuristic that a change in a file detected automatically is likely to indicate a Trojan substituted for a legitimate file.) There is no absolute test for code to determine whether it is (or is not) a Trojan because author intent and user expectations are not generally susceptible to automated analysis.

  • In most cases, Trojans are found in binaries, which remain largely in non-human-readable form. However, the fact that the code is largely static does make Trojans at least as susceptible to "known-something" detection as viruses. In other words, when a known malicious program is identified, it can be detected by software updated with an appropriate search string. Remember that, by most definitions, replication is not a characteristic of the Trojan breed. Trojans spread through the action of being copied by an attacker or a victim socially engineered into carrying out the attacker's wishes, not by self-copying. Thus it is not usually feasible for an attacker to utilize techniques such as polymorphism to reduce the chance of detection. Since the copying of the program is not a function of the program itself, the program has no means of evolving into a nonidentical copy (a morph) of itself.

Nevertheless, undetected Trojans can lead to total system compromise. A Trojan can be in place for weeks or even months before it's discovered. In that time, a cracker with root privileges could alter the entire system to suit his or her needs. Even when the Trojan is discovered, many hidden loopholes might be left behind when it is removed.

Share
Leave a comment or ask a question
Total comments: 0

Software Disclaimer

  • The e-articles directory is not responsible for any and all copyright infringements by writers and authors. If you suspect the information contained by this page for any copyright infringements, please contact us to investigate the issue
Remote Access Services (RAS) under Windows XP Professional - Authentication protocols • EAP - Extensible Authentication Protocol. A set of APIs in Windows for developing new security protocols as needed to accommodate new technol (more...)
Detecting SoftICE by Calling INT 3h - This is one of the most well known anti-debugging tricks, and it uses a back door in SoftICE itself. It works in all versions of Windows, and it is based on calling INT 3h with registers containing (more...)
Detecting SoftICE by Calling INT 68h - Here's a way to detect the presence of SoftICE in memory by calling INT contain the value 43h before calling INT be in the AX register. 68h. The AH register must 68h. If SoftICE is active in memor (more...)
How Can You Increase Your computer performance - Basic computer knowledge or/ and appropriate technical assistance can help you increase computer performance. Computers have become an expected supporter in this modern world. O (more...)
Detecting SoftICE by Searching Memory - This detection searches the memory in the V86 mode for the WINICE.BR string. Because this method is infrequently used, it's worth considering, though it can only be used in Windows 9x. Thi (more...)
Fight for the Future, Digital Future: Google VS Apple - We can be proud as we watch one of the greatest virtual wars unleashing at the digital market. If 15 years ago it was Apple Vs Windows confrontation, today it has slightly changed its main parties (more...)
The Beginner's Guide to iPad Video Conversion on Mac - So, you've just taken in a shiny new iPad and impressed by its beautiful display. There are several possible sources of content that you will want to convert for viewi (more...)
Touch and View: iPad application - iPad application development has become an extremely popular topic at numerous conferences and workshops since the product introduction keynote. Mobile software companies went boldly into the une (more...)
Deciding on TIFF vs. JPEG Output for Scanned Images - It can be difficult to understand which file type is best for saving your scanned images. Here's a brief breakdown of the two most common options. Preserving beloved memories is on (more...)
Photoshop Clipping Path and Masking Techniques :: Wonderful Technique to Knock Out Image Background - Graphic design is being the promotional key in every spare of business and individual life. Business organizations seek graphic tools to have publicity by dint of bill board, catalogs, magazines, w (more...)
 
free content
    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.