Title :
Strengthening digital rights management using a new driver-hidden rootkit
Author :
Tsaur, Woei-Jiunn
Author_Institution :
Dept. of Inf. Manage., Da-Yeh Univ., Changhua, Taiwan
fDate :
5/1/2012 12:00:00 AM
Abstract :
It can be observed that a rootkit may be used to conceal the digital rights management (DRM) software, which is aptly installed in consumers´ computers to prevent unauthorized copying. In order to prevent unauthorized users from deleting the digital right management software by employing anti-rootkit tools to remove the rootkit, we develop a new driver-hidden rootkit to strengthen digital right management in this paper. The proposed driver-hidden rootkit is constructed using the technique of DKOM (Direct Kernel Object Manipulation), and have verified that it can successfully avoid a variety of well-known rootkit detectors. Our contributions are twofold. First, we can use the proposed new rootkit technology to extend the protection of the DRM software. Second, the stealth tricks of the proposed sophisticated driver-hidden rootkit can be a great inspiration to defenders who need to effectively strengthen the legitimate uses.
Keywords :
authorisation; copy protection; digital rights management; operating system kernels; DKOM; DRM software concealment; DRM software protection; Direct Kernel Object Manipulation; antirootkit tools; consumer computer; digital rights management; driver-hidden rootkit; rootkit detector; rootkit removal; stealth trick; unauthorized copying prevention; unauthorized users; Computers; Data structures; Detectors; Kernel; Multimedia communication; Security; Digital Rights Management (DRM); operating systems; rootkit; system security;
Journal_Title :
Consumer Electronics, IEEE Transactions on
DOI :
10.1109/TCE.2012.6227450
