
Article information

  • Title: OPERATING SYSTEM INTEGRITY CHECK FRAMEWORK ALGORITHM FOR THREAT POSED BY ROOTKITS
  • Authors: DAVID MUGENDI; PROF. WAWERU MWANGI (PHD); DR. MICHAEL KIMWELE
  • Journal: Journal of Theoretical and Applied Information Technology
  • Print ISSN: 1992-8645
  • Electronic ISSN: 1817-3195
  • Publication year: 2016
  • Volume: 83
  • Issue: 2
  • Publisher: Journal of Theoretical and Applied
  • Abstract: Kernel mode rootkits (KMRs) have indeed gained considerable success as far as blackhat society is concerned, raising much alarm among systems and system defenders. The danger posed by these rootkits has to some extent led to a call for universal attention on the means to handle and deal with them. Rootkits have by far become more complicated and stealthy, making it difficult to even detect their presence in the system using their susceptible methods. Bearing in mind the danger at hand posed by these rootkits to operating systems and, at large, other computer systems, getting crucial information from an already compromised system proves to be an uphill task. This thesis focused on addressing this problem. It focused on various techniques, such as an intelligent algorithm using neural network technology, to enable integrity checking for kernel mode rootkits. The research conducted has also described to some extent operating systems, e.g. the Linux kernel, and some of the areas which are a common target of kernel rootkits. Virtualization technology was also introduced to enable readers to understand some of the critical concepts. A number of requirements to be satisfied while addressing this issue have been outlined. A framework to implement the model has been set up to show how the integrity check was achieved at the end of the research.
  • Keywords: Artificial Neural Network (ANN); Loadable kernel module (LKM); common object file format (COFF); Kernel mode rootkits (KMR); probability mass functions (PMFs)