An Efficient Trojan Horse Classification (ETC)
For the past few years, malware or also known as malicious code is seen as one of the biggest threats of the cyber attacks. It has caused lot of damages, loss of money and productivity to many organizations and end users. Malicious code can be divided into many categories such as viruses, worms and trojan horses. Each of these categories has it owns implications and threats, and trojan horse has been chosen as the domain of this research paper. Prior to the formation of a new trojan horse detection model, an in-depth study and investigation of the existing trojan horse classification is presented in this paper. Surprisingly, not much research related with trojan horse has been done. On 16th January 2013, Troj/Invo-Zip has caused chaos by masquerading as an invoice from Europcar and spreading via email. Therefore, in this research paper, a new trojan horse classification called Efficient Trojan Horse Classification (ETC) is developed. This ETC later is used as a basis to build a model to detect trojan horse efficiently. The methods used to develop the ETC are the static and dynamic analyses. As for the dynamic analysis, cuckoo sandbox has been integrated to speed up the analysis and reverse engineering processes.
Keywords: Trojan horse, classification, payload, static analysis, dynamic analysis, automated analysis
Download Full-Text
ABOUT THE AUTHORS
Madihah Mohd Saudi
Madihah Mohd Saudi is a senior lecturer at the Faculty Science and Technology (FST), Universiti Sains Islam Malaysia (USIM). She graduated her Bachelor degree in Computer Science from Universiti Kebangsaan Malaysia(UKM), then obtained her Master degree in Software Engineering from Universiti Malaya (UM), Malaysia and her PhD degree in Computer Security from University of Bradford, United Kingdom. She is a senior member of IEEE and IACSIT and a member of SDWIC and IAENG. Her current research interests include malware detection and response, incident response, network security, computer forensics, social engineering and machine learning. She has published numerous papers on the above and related topics. She is the corresponding author for this research paper.
Areej Mustafa Ahmad
Areej Mustafa Abuzaid is currently a Master candidate in Information and Security (ISA) Programme at Faculty Science and Technology (FST), Universiti Sains Islam Malaysia (USIM).
Bachok M Taib
Bachok M Taib is a professor at the Faculty Science and Technology (FST), Universiti Sains Islam Malaysia (USIM). He graduated his Bachelor degree in Mathematics from Universiti Kebangsaan Malaysia (UKM), obtained his Master degree in Numerical Methods from University of Reading, United Kingdom and his PhD in Numerical Fluid Mechanics from Wollongong University, New South Wales, Australia. He is a member of Persatuan Sains Matematik Malaysia (PERSAMA). His research interests are Numerical Computation and Mathematical Modelling
Zul Hilmi Abdullah
Zul Hilmi Abdullah is an academician at the Faculty of Science and Technology (FST), Universiti Sains Islam Malaysia (USIM). He obtained his Bachelor degree of Computer Science from Universiti Putra Malaysia (UPM) and his Master of Information Security from Universiti Teknologi Malaysia (UTM). His research interests include information security and expert systems.
Madihah Mohd Saudi
Madihah Mohd Saudi is a senior lecturer at the Faculty Science and Technology (FST), Universiti Sains Islam Malaysia (USIM). She graduated her Bachelor degree in Computer Science from Universiti Kebangsaan Malaysia(UKM), then obtained her Master degree in Software Engineering from Universiti Malaya (UM), Malaysia and her PhD degree in Computer Security from University of Bradford, United Kingdom. She is a senior member of IEEE and IACSIT and a member of SDWIC and IAENG. Her current research interests include malware detection and response, incident response, network security, computer forensics, social engineering and machine learning. She has published numerous papers on the above and related topics. She is the corresponding author for this research paper.
Areej Mustafa Ahmad
Areej Mustafa Abuzaid is currently a Master candidate in Information and Security (ISA) Programme at Faculty Science and Technology (FST), Universiti Sains Islam Malaysia (USIM).
Bachok M Taib
Bachok M Taib is a professor at the Faculty Science and Technology (FST), Universiti Sains Islam Malaysia (USIM). He graduated his Bachelor degree in Mathematics from Universiti Kebangsaan Malaysia (UKM), obtained his Master degree in Numerical Methods from University of Reading, United Kingdom and his PhD in Numerical Fluid Mechanics from Wollongong University, New South Wales, Australia. He is a member of Persatuan Sains Matematik Malaysia (PERSAMA). His research interests are Numerical Computation and Mathematical Modelling
Zul Hilmi Abdullah
Zul Hilmi Abdullah is an academician at the Faculty of Science and Technology (FST), Universiti Sains Islam Malaysia (USIM). He obtained his Bachelor degree of Computer Science from Universiti Putra Malaysia (UPM) and his Master of Information Security from Universiti Teknologi Malaysia (UTM). His research interests include information security and expert systems.
