Abstract
It is very common for people across the globe to collaborate on the Internet and intellectual property amongst each other. A serious threat to this form of collaboration can come from “backdoor” attacks from hackers, who can distort the information content. For example, a backdoor attack may replace common operating system functions with malicious ones. A possible precaution against such an attack is to generate a signature database and compare the signature of a system functionality with its golden signature before using the functionality. We present an alternate and novel method to detect Trojan activity. Called time fingerprinting, the method relies on observing a finite number of fingerprints during signature generation and tracing the Trojan fingerprints in system files. We have verified the desired properties using common semi trusted operating system files.