Title :
Windows Rootkits: Attacks and Countermeasures
Author :
Lobo, Desmond ; Watters, Paul ; Wu, Xin-Wen ; Sun, Li
Author_Institution :
Internet Commerce Security Lab., Univ. of Ballarat, Ballarat, VIC, Australia
Abstract :
Windows XP is the dominant operating system in the world today and root kits have been a major concern for XP users. This paper provides an in-depth analysis of the root kits that target that operating system, while focusing on those that use various hooking techniques to hide malware on a machine. We identify some of the weaknesses in the Windows XP architecture that root kits exploit and then evaluate some of the anti-root kit security features that Microsoft has unveiled in Vista and 7. To reduce the number of root kit infections in the future, we suggest that Microsoft should take full advantage of Intel´s four distinct privilege levels.
Keywords :
invasive software; operating systems (computers); Microsoft; Windows XP; Windows rootkits; hooking techniques; malware; operating system; Computer architecture; Computers; Kernel; Malware; Intel´s ring architecture; Microsoft Windows; computer security; malicious software (malware); rootkits;
Conference_Titel :
Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second
Conference_Location :
Ballarat, VIC
Print_ISBN :
978-1-4244-8054-8
Electronic_ISBN :
978-0-7695-4186-0
