• DocumentCode
    1865881
  • Title
    RBACS: Rootkit Behavioral Analysis and Classification System
  • Author
    Lobo, Desmond ; Watters, Paul ; Wu, Xinwen

  • Author_Institution
    Internet Commerce Security Lab., Univ. of Ballarat, Ballarat, VIC, Australia
  • fYear
    2010
  • fDate
    9-10 Jan. 2010
  • Firstpage
    75
  • Lastpage
    80
  • Abstract
    In this paper, we focus on rootkits, a special type of malicious software (malware) that operates in an obfuscated and stealthy mode to evade detection. Categorizing these rootkits will help in detecting future attacks against the business community. We first developed a theoretical framework for classifying rootkits. Based on our theoretical framework, we then proposed a new rootkit classification system and tested our system on a sample of rootkits that use inline function hooking. Our experimental results showed that our system could successfully categorize the sample using unsupervised clustering.
  • Keywords
    invasive software; pattern classification; pattern clustering; business community; malware; rootkit behavioral analysis; rootkit classification system; unsupervised clustering; Australia; Business; Computer crime; Computer viruses; Computer worms; Data mining; Data security; Internet; Laboratories; System testing; behavioral analysis; classification; data mining; malware; rootkits;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Knowledge Discovery and Data Mining, 2010. WKDD '10. Third International Conference on
  • Conference_Location
    Phuket
  • Print_ISBN
    978-1-4244-5397-9
  • Electronic_ISBN
    978-1-4244-5398-6
  • Type
    conf
  • DOI
    10.1109/WKDD.2010.23
  • Filename
    5432724