Return to search

Localization of Spyware in Windows Environments

This is a thesis about different methods that can be used to detect spyware. Methods included are Layered Service Provider, Internet Protocol Helper API, TDI filtering and API hooking. Some firewall testing applications, leak tests, that use methods that can be used by real spyware program to penetrate firewalls have also been examined. The goal was to develop a Windows 2000/XP program that is able to detect as many of our examined leak tests as possible. Our program uses the methods TDI filtering and API hooking for detection of spyware because our study showed that these methods were the best. To evaluate the program it was tested against our examined leak test programs. Our program managed to detect all leak tests except one. / Fredrik Bergstrand cfb@home.se Johan Bergstrand jb78@home.se Håkan Gunnarsson hakan.gunnarsson@klostersfalad.se

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:bth-5391
Date January 2004
CreatorsBergstrand, Fredrik, Bergstrand, Johan, Gunnarsson, Håkan
PublisherBlekinge Tekniska Högskola, Avdelningen för programvarusystem, Blekinge Tekniska Högskola, Avdelningen för programvarusystem, Blekinge Tekniska Högskola, Avdelningen för programvarusystem
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0021 seconds