Rootkits are malicious programs that silently subvert an operating system to hide an intruder's activities. Although there are a number of tools designed to detect rootkits, ...
Abstract-- Rootkit attacks are a serious threat to computer systems. Packaged with other malware such as worms, viruses and spyware, rootkits pose a more potent threat than ever be...
: Within digital forensics investigations, the term Live Response refers to all activities that collect evidence on live systems. Though Live Response in general alters the state o...
Rootkits are now prevalent in the wild. Users affected by rootkits are subject to the abuse of their data and resources, often unknowingly. Such malware becomes even more dangerou...
Kevin R. B. Butler, Stephen E. McLaughlin, Patrick...
This paper presents a new approach to dynamically monitoring operating system kernel integrity, based on a property called state-based control-flow integrity (SBCFI). Violations ...
Malware and rootkits are serious security vulnerabilities, and they can be designed to be resistant to anti-viral software, or even totally undetectable. This paper described a hi...
Rootkits are used by malicious attackers who desire to run software on a compromised machine without being detected. They have become stealthier over the years as a consequence of...
Francis M. David, Ellick Chan, Jeffrey C. Carlyle,...
Rootkits have become a growing concern in cyber-security. Typically, they exploit kernel vulnerabilities to gain root privileges of a system and conceal malware’s activities fro...
Kernel-level rootkits affect system security by modifying key kernel data structures to achieve a variety of malicious goals. While early rootkits modified control data structur...
Kernel rootkits have posed serious security threats due to their stealthy manner. To hide their presence and activities, many rootkits hijack control flows by modifying control d...