Academic Journals Database
Disseminating quality controlled scientific knowledge

A Comparison of Trojan Virus Behavior in Linux and Windows Operating System

Author(s): Ghossoon. M. W. Al-Saadoon | Hilal M.Y. Al-Bayatt

Journal: World of Computer Science and Information Technology Journal
ISSN 2221-0741

Volume: 1;
Issue: 3;
Start page: 56;
Date: 2011;
VIEW PDF   PDF DOWNLOAD PDF   Download PDF Original page

Keywords: Trojan horse behavior | Internet Security | Segment of Network | Pcap- Packet CAPture | Payload.

Trojan virus attacks pose one of the most serious threats to computer security. A Trojan horse is typically separated into two parts – a server and a client. It is the client that is cleverly disguised as significant software and positioned in peer-to-peer file sharing networks, or unauthorized download websites. The most common means of infection is through email attachments. The developer of the virus usually uses various spamming techniques in order to distribute the virus to unsuspecting users. Malware developers use chat software as another method to spread their Trojan horse viruses such as Yahoo Messenger and Skype. The objective of this paper is to explore the network packet information and detect the behavior of Trojan attacks to monitoring operating systems such as Windows and Linux. This is accomplished by detecting and analyzing the Trojan infected packet from a network segment -which passes through email attachment- before attacking a host computer.The results that have been obtained to detect information and to store infected packets through monitoring when using the web browser also compare the behaviors of Linux and Windows using the payload size after implementing the Wireshark sniffer packet results. Conclusions of the figures analysis from the packet captured data to analyze the control bits and , check the behavior of the control bits, and the usability of the operating systems Linux and Windows.
Save time & money - Smart Internet Solutions     

Tango Rapperswil
Tango Rapperswil