Abstract:
A banking trojan is one kind of malware that has the purpose of stealing the credential from the user's bank account. Tinba is the part of the banking trojan which has a small size among other malware. The purpose of this paper is to create a system that detects and prevents tinba traffic. The first step of detection is using the random forest method, and then the dataset comes from Stratosphere IPS. Machine learning will process the detection result with the random forest method to create the model which can recognize the tinba IP addresses. The last step of the research is to block the tinba traffic in the installed host.