Abstract: A new method for detecting Trojan horse files based on a file's static attributes is proposed. Taking PE files as the object of analysis, intelligent information processing techniques, namely a decision tree and a layered network trained with the BP learning algorithm, are used to analyze those static attributes, and a detection model is established to estimate whether a PE file is a Trojan horse. Experimental results show that the model can effectively determine whether a file is a Trojan horse.
Key words:
Trojan horse detection; Data mining; Decision tree; Neural networks; Portable executable (PE) file
DAI Min, HUANG Yalou, WANG Wei. Trojan Horse Detection Model Based on File’s Static Attributes[J]. Computer Engineering, 2006, 32(6): 198-200.