Trojan program detection method, device, equipment and storage medium

Trojan program detection method, device, equipment and storage medium

The invention discloses a detection method of a Trojan horse program, which is applied to a server, comprising the following steps: when a computer process is detected, obtaining an uplink flow rate and a downlink flow rate of the computer process; and then judging whether the uplink flow is greater...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: LIN SUHONG, WANG MENG
Format: Patent
Sprache:chi ; eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention discloses a detection method of a Trojan horse program, which is applied to a server, comprising the following steps: when a computer process is detected, obtaining an uplink flow rate and a downlink flow rate of the computer process; and then judging whether the uplink flow is greater than the downlink flow; if so, it is determined that there is a Trojan Horse process in the computer process, thereby determining that there is a Trojan Horse program in the server. Because when there is a Trojan on the server, no matter how the Trojan disguises itself, as long as the functions andpurposes of the completion are unchanged, the traffic characteristics transmitted between the server and the client are difficult to change; therefore, compared with the prior art, the method can more accurately detect whether there is a Trojan horse program in the server, so as to be able to check and kill the Trojan horse program, thereby ensuring the security of the server. The invention alsodiscloses a detection devi