Applied-Information Technology with Trojan Horse Detection Method Based on C5.0 Decision Tree

This paper discusses the Trojan horse detection methods by analysis on Portable Executable File Format through which we can get much useful information. In order to deal with the information extracted from Portable Executable file, our methods constructed a decision tree based on C5.0 decision tree algorithm. Our approach can be divided into two steps. Firstly, we extracted some features from Portable Executable file by a portable executable attribute filter. Secondly, we handled the features extracted and then construct a classifier to identify the Trojan horse. The original in this paper is the application of a more effective algorithm C5.0 to construct the decision tree.