Rootkits and Their Effects on Information Security

Author: Lynn Erla Beegle

DOI: 10.1080/10658980701402049

Keywords:

Abstract: A rootkit is cloaked software that infiltrates an operating system or a database with the intention to escape detection, resist removal, and perform a specific operation. Many rootkits are designed to invade the "root," or kernel, of the program, and therefore operate without announcing their presence to the owner of the computer. Although some rootkits are written with noble intentions (e.g., to strengthen an anti-virus package), true rootkits have a malicious purpose. A rootkit infection can render a compromised computer system vulnerable to attacks and corruption. Rootkits are named for their origin in Linux systems, but the number of rootkits that attack Microsoft operating systems has recently proliferated. Not only are rootkits difficult to detect and assess, but at times the only effective way to remove them is to do a clean installation of the entire operating system. Recent discoveries of rootkits in other venues prove that the problem is spreading and is a major concern for administrators in information security. This paper presents a brief history and development of rootkits and their possible effects. Prominent cases involving rootkits are described. The paper concludes with an overview of methods to prevent rootkits and to (hopefully) eradicate one that has infected a system.
