Transcription of Detecting kernel rootkits - Dartmouth Computer Science
Detecting kernel rootkits
Ashwin Ramaswamy
Department of Computer Science
Dartmouth College
Masters Thesis Proposal
Dartmouth Computer Science Technical Report TR2008-627
Proposal Presentation Date: 2 September, 2008

Abstract
Kernel rootkits are a special category of malware that are deployed directly in the kernel and hence have unmitigated reign over the functionalities of the kernel seek to detect such rootkits that are deployed in the real world by first observing how the majority of kernel rootkits operate. To this end, comparable to how rootkits function in the real world, we write our own kernel rootkit that manipulates the network driver, thus giving us control over all packets sent into the then implement a mechanism to thwart the attacks of such rootkits by noticing that a large number of the rootkits deployed today rely heavily on the redirection of function pointers within the kernel.
Detecting kernel rootkits Ashwin Ramaswamy Department of Computer Science Dartmouth College ... Windows rootkits usually utilize the Direct Kernel Object Manipulation (DKOM) ... by our colleagues in attacking networked set-top boxes widely deployed across campus [6]. 4.