
Analysis of Automated Rootkit Detection Methodologies

About Analysis of Automated Rootkit Detection Methodologies

The focus of this study was to identify, analyze, compare, and evaluate the effectiveness of rootkit detection methodologies. Specifically, two methodologies were studied in depth. The first is the heuristic of statically analyzing kernel module binaries, which attempts to determine whether or not a software module's behavior is malicious, prior to passing it to the operating system. The second methodology analyzed in this paper, the Strider Ghostbuster framework, compares what a computer system believes to be true (i.e., what modules are visible to the OS) to the absolute "truth," which is determined via low-level system programming. The results of this comparison should always be equal, unless malicious tampering with the system is observed. After comparing the effectiveness of detection methodologies on a set of well-known (and publicly available) rootkits, including a very simple rootkit built by the author, the methodologies are compared and their effectiveness is evaluated.

  • Language: English
  • ISBN: 9783844384833
  • Binding: Paperback
  • Pages: 116
  • Published: 6 June 2011
  • Size: 152x229x7 mm
  • Weight: 181 g
  • 2-3 weeks.
  • 25 November 2024


