DocumentCode :
2620204
Title :
The research on rootkit for information system classified protection
Author :
Tian, Zhihong ; Wang, Bailing ; Zhou, Zixi ; Zhang, HongLi
Author_Institution :
Res. Center of Comput. Network & Inf. Security Technol., Harbin Inst. of Technol., Harbin, China
fYear :
2011
fDate :
27-29 June 2011
Firstpage :
890
Lastpage :
893
Abstract :
Based on an analysis of the Linux system execution path, rootkits are divided into two categories: rootkits based on system call hooks and rootkits based on system exception hooks. According to the different stages of a system call, system call hook rootkits include the preload library, the simple sys_call_table hook, the inline system call hook, the patch system_call hook, and rootkits based on /dev/kmem and /dev/mem. System exception hook rootkits include two exception exploits: abusing the debug registers and hijacking the Linux page fault handler.
Keywords :
Linux; security of data; Linux system execution path; information system classified protection; inline system call hook; patch system_call hook; preload library; rootkit; simple sys_call_table hook; system exception hook; Hardware; Kernel; Libraries; Linux; Registers; linux; rootkit; system call; system exception;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Science and Service System (CSSS), 2011 International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4244-9762-1
Type :
conf
DOI :
10.1109/CSSS.2011.5974667
Filename :
5974667