Abstract: Trojans are increasingly moving into kernel mode. To provide a technical reference and basis for anti-virus research, this paper analyzes the NDIS architecture, proposes a covert communication method for Trojans based on an NDIS driver, designs and implements a Trojan verification model based on that method, and analyzes and tests the model. The test results confirm the model's non-contact firewall penetration capability.
Key words: NDIS driver, verification model, covert communication, non-contact, firewall
YANG Zhi-cheng (杨志程); SHU Hui (舒辉); DONG Wei-yu (董卫宇). Analysis of Trojan Virus Based on NDIS Covert Communication Technology[J]. Computer Engineering (计算机工程), 2008, 34(10): 147-149.