Mechanism and implementation of Rootkit attack and defense
Rootkit is a set of malicious codes that can attack the system kernel and achieve deep hiding,which has posed serious threats to cyber security.Firstly,the basic features of Rootkit/Bootkit were introduced,and the characteristics of Rootkit attacks in user mode and kernel mode were compared and anal...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Beijing Xintong Media Co., Ltd
2018-12-01
|
| Series: | Dianxin kexue |
| Subjects: | |
| Online Access: | http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2018298/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841530489280659456 |
|---|---|
| author | Fujuan LI Qun WANG |
| author_facet | Fujuan LI Qun WANG |
| author_sort | Fujuan LI |
| collection | DOAJ |
| description | Rootkit is a set of malicious codes that can attack the system kernel and achieve deep hiding,which has posed serious threats to cyber security.Firstly,the basic features of Rootkit/Bootkit were introduced,and the characteristics of Rootkit attacks in user mode and kernel mode were compared and analyzed.Thereafter,the implementation principles and working mechanisms of Hook,DKOM and virtualization technologies involved in Rootkit attacks were emphatically analyzed.Combined with the specific attack behaviors,the main detection methods and defense techniques for Rootkit attacks were discussed at the end. |
| format | Article |
| id | doaj-art-f35bed14a2d44d51939e29ea7e06c14c |
| institution | Kabale University |
| issn | 1000-0801 |
| language | zho |
| publishDate | 2018-12-01 |
| publisher | Beijing Xintong Media Co., Ltd |
| record_format | Article |
| series | Dianxin kexue |
| spelling | doaj-art-f35bed14a2d44d51939e29ea7e06c14c2025-01-15T03:03:35ZzhoBeijing Xintong Media Co., LtdDianxin kexue1000-08012018-12-0134334559592306Mechanism and implementation of Rootkit attack and defenseFujuan LIQun WANGRootkit is a set of malicious codes that can attack the system kernel and achieve deep hiding,which has posed serious threats to cyber security.Firstly,the basic features of Rootkit/Bootkit were introduced,and the characteristics of Rootkit attacks in user mode and kernel mode were compared and analyzed.Thereafter,the implementation principles and working mechanisms of Hook,DKOM and virtualization technologies involved in Rootkit attacks were emphatically analyzed.Combined with the specific attack behaviors,the main detection methods and defense techniques for Rootkit attacks were discussed at the end.http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2018298/network attack and defensemalwareRootkithooking attacknetwork security |
| spellingShingle | Fujuan LI Qun WANG Mechanism and implementation of Rootkit attack and defense Dianxin kexue network attack and defense malware Rootkit hooking attack network security |
| title | Mechanism and implementation of Rootkit attack and defense |
| title_full | Mechanism and implementation of Rootkit attack and defense |
| title_fullStr | Mechanism and implementation of Rootkit attack and defense |
| title_full_unstemmed | Mechanism and implementation of Rootkit attack and defense |
| title_short | Mechanism and implementation of Rootkit attack and defense |
| title_sort | mechanism and implementation of rootkit attack and defense |
| topic | network attack and defense malware Rootkit hooking attack network security |
| url | http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2018298/ |
| work_keys_str_mv | AT fujuanli mechanismandimplementationofrootkitattackanddefense AT qunwang mechanismandimplementationofrootkitattackanddefense |