메뉴 건너뛰기




Volumn , Issue , 2009, Pages 74-81

Defeating dynamic data kernel rootkit attacks via VMM-based guest-transparent monitoring

Author keywords

[No Author keywords available]

Indexed keywords

CODE INJECTION; CODE INTEGRITY; DATA STATE; DYNAMIC DATA; ENTIRE SYSTEM; KERNEL MEMORY; MEMORY ACCESS; OPERATING SYSTEM KERNEL; ROOTKITS; VIRTUAL MACHINE MONITORS;

EID: 70349665533     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ARES.2009.116     Document Type: Conference Paper
Times cited : (74)

References (27)
  • 1
    • 70349655953 scopus 로고    scopus 로고
    • Stealth, adore-0.42. http://stealth.7350.org/rootkits.
    • adore-0.42
  • 2
    • 70349693552 scopus 로고    scopus 로고
    • adore-ng-0.53
    • Stealth, "adore-ng-0.53," http://stealth.7350.org/rootkits.
  • 3
    • 84880390547 scopus 로고    scopus 로고
    • fuzen op, "FU rootkit," https://www.rootkit.com/vault/fuzen op/FU Rootkit.zip.
    • FU rootkit
    • fuzen op1
  • 4
    • 70349684248 scopus 로고    scopus 로고
    • P. Silverman and C.H.A.O.S., FUTo, http://www.rootkit.com/ newsread.php?newsid=433.
    • P. Silverman and C.H.A.O.S., "FUTo," http://www.rootkit.com/ newsread.php?newsid=433.
  • 5
    • 70349678154 scopus 로고    scopus 로고
    • Fanbot, "W32/Fanbot.A@mm," http://www.symantec.com/security response/writeup.jsp?docid=2005-101715-5745-99.
    • W32/Fanbot.A@mm
    • Fanbot1
  • 12
    • 70349672780 scopus 로고    scopus 로고
    • N. Murilo and K. Steding-Jessen, chkrootkit V. 0.47, http://www. chkrootkit.org.
    • N. Murilo and K. Steding-Jessen, "chkrootkit V. 0.47," http://www. chkrootkit.org.
  • 13
    • 70349652908 scopus 로고    scopus 로고
    • F-Secure, F-Secure Blacklight, http://www.f-secure.com/ blacklight/ blacklight.html.
    • F-Secure, "F-Secure Blacklight," http://www.f-secure.com/ blacklight/ blacklight.html.
  • 14
    • 70349658159 scopus 로고    scopus 로고
    • B. Cogswell and M. Russinovich, RootkitRevealer v1.71, http://www. microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx.
    • B. Cogswell and M. Russinovich, "RootkitRevealer v1.71," http://www. microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx.
  • 15
    • 70349666617 scopus 로고    scopus 로고
    • pjf , IceSword 1.20, http://www.blogcn.com/user17/pjf/index. html.
    • pjf , "IceSword 1.20," http://www.blogcn.com/user17/pjf/index. html.
  • 20
    • 33845381672 scopus 로고    scopus 로고
    • Linux on-the-fly kernel patching without LKM
    • http: //www.phrack.org/issues.html?id=7&issue=58
    • devik and sd, "Linux on-the-fly kernel patching without LKM," http: //www.phrack.org/issues.html?id=7&issue=58.
    • devik1    sd2
  • 23
    • 84991799247 scopus 로고    scopus 로고
    • An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data
    • Vancouver, B.C, Canada, July
    • N. L. Petroni, T. Fraser, A. Walters, and W. A. Arbaugh, "An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data," in Proceedings for the 15th USENIX Security Symposium, (Vancouver, B.C., Canada), July 2006.
    • (2006) Proceedings for the 15th USENIX Security Symposium
    • Petroni, N.L.1    Fraser, T.2    Walters, A.3    Arbaugh, W.A.4


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.