For the past few years, malware or also known as malicious code is seen as one of the biggest threats of the cyber attacks. It has caused lot of damages, loss of money and productivity to many organizations and end users. Malicious code can be divided into many categories such as viruses, worms and trojan horses. Each of these categories has it owns implications and threats, and trojan horse has been chosen as the domain of this research paper. Prior to the formation of a new trojan horse detection model, an in-depth study and investigation of the existing trojan horse classification is presented in this paper. Surprisingly, not much research related with trojan horse has been done. On 16th January 2013, Troj/Invo- Zip has caused chaos by masquerading as an invoice from Europcar and spreading via email. Therefore, in this research paper, a new trojan horse classification called Efficient Trojan Horse Classification (ETC) is developed. This ETC later is used as a basis to build a model to detect trojan horse efficiently. The methods used to develop the ETC are the static and dynamic analyses. As for the dynamic analysis, cuckoo sandbox has been integrated to speed up the analysis and reverse engineering processes.

Living in a cyber-world, it is becoming very common for users to receive lots of emails with different files attachment. Sometimes some of the files might contain malicious file. It is not an easy job to differentiate between benign and malicious file in the email attachment without the help of the anti-virus. Worse than that many game applications can be downloaded free from many websites and it might contain malicious file as well. In Quran, surah AlFurqan, verse 53 (25:53) stated that how Allah, the all Mighty has made a barrier and inviolable obstruction so that two seas can flow freely. The seas were partition as palatable and sweet while the other was salt and bitter. When the meaning of this verse is mapped into current cyber world, obviously when dealing with malwares and normal file, a scientific way and an experimental design need to be carried out to differentiate between these two files. Trojan horse is an example of malicious file and it has become a real threat for computer users for more than a decade. It has caused loss lots of money and productivity and it considered as one of the most serious threats in cyber security. The Trojan polymorphism characteristics make the detection processes much harder than before. Therefore, in this research paper, a new model called ETDMo (Efficient Trojan detection model) is built to detect Trojan horse more efficiently. The static, dynamic and automated analyses have been conducted. Moreover, the knowledge discovery techniques (KDD) and the data mining algorithm were used to optimize the accuracy result. Based on the experiment conducted, this ETDMo model produces an overall accuracy rate of 98.2% with 1.7% for false positive rate.