摘要： 针对当前木马病毒向核心态发展的趋势，为给反病毒研究提供技术参考和依据，该文对NDIS体系结构进行了分析，提出一种基于NDIS驱动的木马隐蔽通信方法，以该方法为依据设计和实现了木马验证模型并对其进行分析和测试。测试结果验证了模型的非接触式穿透防火墙性能。

关键词: NDIS驱动, 验证模型, 隐蔽通信, 非接触式, 防火墙

Abstract: As the development trend of trojan virus to the kernel, in order to provide anti-virus technology reference, this paper analyzes the NDIS architecture, puts forward a concealed communication method based on NDIS driver technology, designs and realizes a trojan virus model based on this method, analyzes and testes it. The result of the test proves the non-touch firewall penetration ability of the trojan model.

Key words: NDIS driver, test model, covert communication, untouched, firewall

中图分类号: 

• TP309