Detection of Trojan horses by means of analysis of systemic behavior

Trojan horse is considered one of the most serious threats to computer security. Trojan horse is an executable file in the Windows operating system. This executable file will have certain static and dynamic characteristics. Several system processes in Windows will be called whenever a Trojan horse tries to perform any operation on the system. This article describes a new method for detecting Trojan horses using Windows dynamic libraries to identify system calls of Trojan horses. Process Explorer is used to identify malicious executables and determine whether they are Trojans or not.