Abstract
Living in a cyber-world, it is becoming very common for users to receive lots of emails with different files attachment. Sometimes some of the files might contain malicious file. It is not an easy job to differentiate between benign and malicious file in the email attachment without the help of the anti-virus. Worse than that many game applications can be downloaded free from many websites and it might contain malicious file as well. In Quran, Surah Al-Furqan, verse 53 (25: 53) stated that how Allah, the all Mighty has made a barrier and inviolable obstruction so that two seas can flow freely. The seas were partition as palatable and sweet while the other was salt and bitter. When the meaning of this verse is mapped into current cyber world, obviously when dealing with malwares and normal file, a scientific way and an experimental design need to be carried out to differentiate between these two files. Trojan horse is an example of malicious file and it has become a real threat for computer users for more than a decade. It has caused loss lots of money and productivity and it considered as one of the most serious threats in cyber security. The Trojan polymorphism characteristics make the detection processes much harder than before. Therefore, in this research paper, a new model called ETDMo (Efficient Trojan detection model) is built to detect Trojan horse more efficiently. The static, dynamic and automated analyses have been conducted. Moreover, the knowledge discovery techniques (KDD) and the data mining algorithm were used to optimize the accuracy result. Based on the experiment conducted, this ETDMo model produces an overall accuracy rate of 98.2% with 1.7% for false positive rate.