# Web Trojan Detection
Document Last Updated (2024/12/12)
___

The Web Trojan Detection feature of UHIDS Host Intrusion Detection, independently developed, utilizes code analysis methods and combines cloud big data analysis with static rule-based detection systems to detect stealthy Web Trojan viruses.

## Detection Principle

UHIDS Host Intrusion Detection checks Web files on the server, using static rules and the cloud virus database to determine whether the Web file is a Trojan. If it is, an alert will be triggered.

## Detection Cycle

- The plugin will enter real-time monitoring after locating the Web directory upon startup.
- After clearing the risk, if the file changes, it will be detected in real-time. If the risk is found to be fixed, the alert will be automatically deleted.

## Detection Items

| Detection Item | Description |
| -------------- | ----------- |
| php            | Supports detection of PHP-based web Trojan viruses |
| jsp            | Supports detection of Java-based web Trojan viruses |
| jspx           | Supports detection of Java-based web Trojan viruses |
| asp            | Supports detection of .NET-based web Trojan viruses |
| aspx           | Supports detection of .NET-based web Trojan viruses |