• DocumentCode
    2196526
  • Title

    Anti-rootkit Technology of Kernel Integrity Detection and Restoration

  • Author

    Zhang, Yongqiang ; Bi, Hai

  • Author_Institution
    Sch. of Inf. & Electron. Eng., Hebei Univ. of Eng., Handan, China
  • Volume
    1
  • fYear
    2011
  • fDate
    14-15 May 2011
  • Firstpage
    276
  • Lastpage
    278
  • Abstract
    Addressing how rootkits carry out malicious actions by hooking the System Service Dispatch Table and by inline function patching, this paper presents a method of integrity detection and restoration based on the kernel file, which is proved to ensure correct implementation of the kernel function.
  • Keywords
    Unix; operating system kernels; security of data; system recovery; anti-rootkit technology; inline function patching; kernel integrity detection; kernel integrity restoration; root kit malicious action; system service dispatch table; Arrays; Assembly; Bismuth; Educational institutions; Indexes; Kernel; Switches; SSDT hook; inline function patching; integrity restore; rootkit;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Network Computing and Information Security (NCIS), 2011 International Conference on
  • Conference_Location
    Guilin
  • Print_ISBN
    978-1-61284-347-6
  • Type

    conf

  • DOI
    10.1109/NCIS.2011.62
  • Filename
    5948732