A Comparison of Trojan Virus Behavior in Linux and Windows Operating Systems

Authors: Al-Saadoon, Ghossoon. M. W., Al-Bayatti, Hilal M. Y.
Year of publication: 2011
Subject:
Source: World of Computer Science and Information Technology Journal (WCSIT), Vol. 1, No. 3, 56-62, 2011
Document type: Working Paper
Description: Trojan virus attacks pose one of the most serious threats to computer security. A Trojan horse is typically separated into two parts - a server and a client. It is the client that is cleverly disguised as significant software and positioned in peer-to-peer file sharing networks, or unauthorized download websites. The most common means of infection is through email attachments. The developer of the virus usually uses various spamming techniques in order to distribute the virus to unsuspecting users. Malware developers use chat software as another method to spread their Trojan horse viruses such as Yahoo Messenger and Skype. The objective of this paper is to explore the network packet information and detect the behavior of Trojan attacks to monitoring operating systems such as Windows and Linux. This is accomplished by detecting and analyzing the Trojan infected packet from a network segment - which passes through email attachment - before attacking a host computer. The results that have been obtained to detect information and to store infected packets through monitoring when using the web browser also compare the behaviors of Linux and Windows using the payload size after implementing the Wireshark sniffer packet results. Conclusions of the figures analysis from the packet captured data to analyze the control bit, and check the behavior of the control bits, and the usability of the operating systems Linux and Windows.
Comment: 7 Pages
Database: arXiv