Detecting Kernel-Level Rootkits Using Data Structure Invariants

Authors: A. Baliga, V. Ganapathy, L. Iftode

DOI: 10.1109/TDSC.2010.38

Keywords:

Abstract: … Future work can further explore how the output of our automatic approach compares against … Secure co-processors allow remote monitoring of physical memory, and have been used to …

References (37)
William G. Griswold, Michael D. Ernst, David Notkin, Yoshio Kataoka. Dynamically Discovering Program Invariants Involving Collections. (2000)
William A. Arbaugh, Timothy Fraser, Nick L. Petroni, AAron Walters. An architecture for specification-based detection of semantic integrity violations in kernel dynamic data. USENIX Security Symposium, pp. 20- (2006)
Ryan Riley, Xuxian Jiang, Dongyan Xu. Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing. Recent Advances in Intrusion Detection, pp. 1-20 (2008). DOI: 10.1007/978-3-540-87403-4_1
William A. Arbaugh, Timothy Fraser, Nick L. Petroni, Jesus Molina. Copilot - a coprocessor-based kernel runtime integrity monitor. USENIX Security Symposium, pp. 13-13 (2004)
Anthony Cozzie, Hui Xue, Frank Stratton, Samuel T. King. Digging for data structures. Operating Systems Design and Implementation, pp. 255-266 (2008). DOI: 10.5555/1855741.1855759
Reiner Sailer, Leendert van Doorn, Trent Jaeger, Xiaolan Zhang. Design and implementation of a TCG-based integrity measurement architecture. USENIX Security Symposium, pp. 16-16 (2004)
Zhi Wang, Xuxian Jiang, Weidong Cui, Xinyuan Wang. Countering Persistent Kernel Rootkits through Systematic Hook Discovery. Recent Advances in Intrusion Detection, pp. 21-38 (2008). DOI: 10.1007/978-3-540-87403-4_2
Tal Garfinkel, Mendel Rosenblum. A Virtual Machine Introspection Based Architecture for Intrusion Detection. Network and Distributed System Security Symposium (2003)
Yi-Min Wang, D. Beck, Binh Vo, R. Roussev, C. Verbowski. Detecting stealth software with Strider GhostBuster. Dependable Systems and Networks, pp. 368-377 (2005). DOI: 10.1109/DSN.2005.39
Reiner Sailer, Trent Jaeger, Xiaolan Zhang, Leendert van Doorn. Attestation-based policy enforcement for remote access. Computer and Communications Security, pp. 308-317 (2004). DOI: 10.1145/1030083.1030125