
Trojan Detection

Document Update Time (2019/11/7)


The Trojan detection function is developed independently by uhids. It supports several detection methods, such as code analysis, data flow analysis, and abnormal network traffic analysis, and it analyzes malicious code with a detection system that combines cloud big data analysis and static rules. It can discover PHP and JSP website backdoors, ransomware, DDoS backdoors, botnets, and various common viruses.

Detection Principle

uhids checks specific directories and processes on the server to determine whether the processes and files are trojans. If they are, it raises an alert.

Detection Period

By default, a check runs once an hour.

After you clean up a risk, uhids re-checks for that risk within 1 hour. If it finds that the risk has been fixed, it automatically deletes the alert.

Detection Items

Webshell Trojan Files