Abstract
Compared with the rapidly developing techniques Trojans use for hiding, hooking, stealing and resisting removal, detection and recognition technology has grown relatively slowly. Signature-based detection requires mass storage and cannot predict new Trojans, and heuristic scanning suffers from high misreporting and false rates, so this article proposes using algebra to describe and detect the behavior of Trojans. Specifically, the nodes of a lattice denote the states of the Trojan, and the operations in the lattice denote combinations of Trojan behaviors. The lattice model thus supplies a quantitative way to identify a Trojan. Boolean Algebra (BA) and Concept Lattice (CL) are two models that are elaborated with respect to model construction, identification method, and application. Finally, we present theoretical support and a sample implementation process to test the theory; the test results are positive so far.
Copyright information
© 2013 Springer International Publishing Switzerland
About this paper
Cite this paper
Peng, A., Han, L., Yu, Y., Du, N., Li, M. (2013). Algebra-Based Behavior Identification of Trojan Horse. In: Wang, G., Ray, I., Feng, D., Rajarajan, M. (eds) Cyberspace Safety and Security. CSS 2013. Lecture Notes in Computer Science, vol 8300. Springer, Cham. https://doi.org/10.1007/978-3-319-03584-0_24
DOI: https://doi.org/10.1007/978-3-319-03584-0_24
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-03583-3
Online ISBN: 978-3-319-03584-0
eBook Packages: Computer Science, Computer Science (R0)