• DocumentCode
    2747829
  • Title

    Windows Rootkits: Attacks and Countermeasures

  • Author

    Lobo, Desmond ; Watters, Paul ; Wu, Xin-Wen ; Sun, Li

  • Author_Institution
    Internet Commerce Security Lab., Univ. of Ballarat, Ballarat, VIC, Australia
  • fYear
    2010
  • fDate
    19-20 July 2010
  • Firstpage
    69
  • Lastpage
    78
  • Abstract
    Windows XP is the dominant operating system in the world today and rootkits have been a major concern for XP users. This paper provides an in-depth analysis of the rootkits that target that operating system, while focusing on those that use various hooking techniques to hide malware on a machine. We identify some of the weaknesses in the Windows XP architecture that rootkits exploit and then evaluate some of the anti-rootkit security features that Microsoft has unveiled in Vista and 7. To reduce the number of rootkit infections in the future, we suggest that Microsoft should take full advantage of Intel's four distinct privilege levels.
  • Keywords
    invasive software; operating systems (computers); Microsoft; Windows XP; Windows rootkits; hooking techniques; malware; operating system; Computer architecture; Computers; Kernel; Malware; Intel's ring architecture; Microsoft Windows; computer security; malicious software (malware); rootkits;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second
  • Conference_Location
    Ballarat, VIC
  • Print_ISBN
    978-1-4244-8054-8
  • Electronic_ISBN
    978-0-7695-4186-0
  • Type

    conf

  • DOI
    10.1109/CTC.2010.9
  • Filename
    5615079