APPARATUS AND METHOD FOR DETECTING CONTAINER ROOTKIT

Authors: Lee Mi Young, Yoon Ho Sang, Lee Wonjun, Jung Young Il, Nidhin Alexander

Keywords: Rootkit, Container (abstract data type), Kernel (statistics), Operating system, Program code, Detector, Computer science

Abstract: An apparatus and method for detecting a container rootkit are provided. The apparatus according to one example embodiment of the present disclosure includes a detection target acquirer configured to acquire, as a detection target, a copy of a kernel module program to be executed on a host computer system, wherein the host computer system is to run one or more containers; and a detector configured to detect whether a container rootkit is in the kernel module program based on whether the detection target contains code for modifying an operation of a pre-defined function.
