This is a thesis about different methods that can be used to detect spyware. Methods included are Layered Service Provider, Internet Protocol Helper API, TDI filtering and API hooking. Some firewall testing applications, leak tests, that use methods that can be used by real spyware program to penetrate firewalls have also been examined. The goal was to develop a Windows 2000/XP program that is able to detect as many of our examined leak tests as possible. Our program uses the methods TDI filtering and API hooking for detection of spyware because our study showed that these methods were the best. To evaluate the program it was tested against our examined leak test programs. Our program managed to detect all leak tests except one. / Fredrik Bergstrand cfb@home.se Johan Bergstrand jb78@home.se Håkan Gunnarsson hakan.gunnarsson@klostersfalad.se
Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:bth-5391 |
Date | January 2004 |
Creators | Bergstrand, Fredrik, Bergstrand, Johan, Gunnarsson, Håkan |
Publisher | Blekinge Tekniska Högskola, Avdelningen för programvarusystem, Blekinge Tekniska Högskola, Avdelningen för programvarusystem, Blekinge Tekniska Högskola, Avdelningen för programvarusystem |
Source Sets | DiVA Archive at Upsalla University |
Language | English |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf |
Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0021 seconds