Stühn et al., 2024 - Google Patents
The Hidden Threat: Analysis of Linux Rootkit Techniques and Limitations of Current Detection Tools (Stühn et al., 2024)
- Document ID
- 11290184940281315361
- Author
- Stühn J
- Hilgert J
- Lambertz M
- Publication year
- Publication venue
- Digital Threats: Research and Practice
Snippet
This article addresses the significant threat posed by rootkits as part of the diverse malware landscape of today. Rootkits enable an attacker to regain access to an already compromised system at root level, making their prompt identification and removal crucial. However, rootkits …
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/55—Detecting local intrusion or implementing counter-measures
            - G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
              - G06F21/562—Static detection
                - G06F21/563—Static detection by source code analysis
              - G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
            - G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
            - G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
Similar Documents
Publication | Title
---|---
US11973780B2 (en) | Deobfuscating and decloaking web-based malware with abstract execution
Lu et al. | Blade: an attack-agnostic approach for preventing drive-by malware infections
Idika et al. | A survey of malware detection techniques
Bisht et al. | XSS-GUARD: precise dynamic prevention of cross-site scripting attacks
Peisert et al. | Analysis of computer intrusions using sequences of function calls
RU2697954C2 (en) | System and method of creating antivirus record
Schuster et al. | Towards reducing the attack surface of software backdoors
Yagemann et al. | Automated bug hunting with data-driven symbolic root cause analysis
Mahmoud et al. | APTHunter: Detecting advanced persistent threats in early stages
Zhang et al. | Invetter: Locating insecure input validations in android services
Cao et al. | Jshield: towards real-time and vulnerability-based detection of polluted drive-by download attacks
Tevis et al. | Methods for the prevention, detection and removal of software security vulnerabilities
Geneiatakis et al. | Adaptive defenses for commodity software through virtual application partitioning
Stühn et al. | The Hidden Threat: Analysis of Linux Rootkit Techniques and Limitations of Current Detection Tools
Khodayari et al. | The great request robbery: An empirical study of client-side request hijacking vulnerabilities on the web
Peisert | A model of forensic analysis using goal-oriented logging
Yin et al. | Automatic malware analysis: an emulator based approach
Sofaer et al. | RogueOne: Detecting Rogue Updates via Differential Data-flow Analysis Using Trust Domains
de Vicente Mohino et al. | MMALE--A Methodology for Malware Analysis in Linux Environments
Litty | Hypervisor-based intrusion detection
Ding et al. | Accurate and efficient exploit capture and classification
Chang et al. | Vulnerable service invocation and countermeasures
Karanth et al. | Pattern mining for future attacks
Ansari et al. | A kernel level VFS logger for building efficient file system intrusion detection system
Yan et al. | Automated Data Binding Vulnerability Detection for Java Web Frameworks via Nested Property Graph