Analysis and Improvements in Trojan Designing

While there are numerous Trojans out there in the internet, all of them are easily detected by antiviruses or blocked by firewalls. Apart from that, they are also easily detected and removed by any user with a good knowledge in Operating System and Security. This project’s objective is, therefore, to identify and remove the design flaws, add some improvements and features to make it undetectable. Antiviruses identify a threat mostly based on two factors. Either signature matching or heuristic analysis based of certain suspicious behaviors and patterns. This project here doesn’t consider the Blacklisting feature of an Anti-Virus. Now to avoid detection based on the other two factors, the main objective is to make the Trojan look like a normal legal program. To achieve this, the best way is to use the legal and secure facilities provided by Windows itself. This way, the Trojan will install and work similar to any other software; however, everything will be done stealthily. Apart from the traditional objective of giving backdoor access to victim’s computer, this Trojan here includes another objective of Bypassing firewalls and protecting itself for functioning properly as well. There is a tradeoff too and that needs to be mentioned before we proceed further. This tradeoff is between size and detection. The technique that is applied here to make this Trojan perfect will certainly increase its size. While traditional Trojans are less than 50KB in size, the proposed Trojan will be more than 400KB. Still, it isn’t a great problem as long as it is able to stay hidden