Inlämning av Examensarbete / Submission of Thesis

Fredrik Bergstrand; Johan Bergstrand; Håkan Gunnarsson 9, pp. 27. TEK/avd. för programvaruteknik, 2004.

The work

Författare / Author: Fredrik Bergstrand, Johan Bergstrand, Håkan Gunnarsson
Titel / Title: Localization of Spyware in Windows Environments
Abstrakt Abstract:

This is a thesis about different methods that can be used to detect spyware. Methods included are Layered Service Provider, Internet Protocol Helper API, TDI filtering and API hooking. Some firewall testing applications, leak tests, that use methods that can be used by real spyware program to penetrate firewalls have also been examined. The goal was to develop a Windows 2000/XP program that is able to detect as many of our examined leak tests as possible. Our program uses the methods TDI filtering and API hooking for detection of spyware because our study showed that these methods were the best. To evaluate the program it was tested against our examined leak test programs. Our program managed to detect all leak tests except one.

Ämnesord / Subject: Datavetenskap - Computer Science\Software Engineering

Nyckelord / Keywords: spyware, firewall, leak test, API hooking

Publication info

Dokument id / Document id:
Program:/ Programme Magisterprogram Datavetenskap, 40 poäng/Master programme Computer Science
Registreringsdatum / Date of registration: 06/03/2005
Uppsatstyp / Type of thesis: D-Uppsats/Magister/Master


Handledare / Supervisor: Bengt Carlsson
Organisation / Organisation: Blekinge Institute of Technology
Institution / School: TEK/avd. för programvaruteknik
S-372 25 Ronneby
+46 455 38 50 00
Anmärkningar / Comments:

Fredrik Bergstrand
Johan Bergstrand
Håkan Gunnarsson

Files & Access

Bifogad uppsats fil(er) / Files attached: spydetector.pdf (460 kB, öppnas i nytt fönster)