Windows Rootkits: Attacks and Countermeasures

File 67982_1.pdf
Size 336Kb
Format Adobe PDF
Title Windows Rootkits: Attacks and Countermeasures
Author Lobo, Desmond; Watters, Paul; Wu, Xin-Wen; Sun, Li
Publication Title Proceedings. Second Cybercrime and Trustworthy Computing Workshop (CTC 2010)
Editor Lisa O'Connor
Year Published 2010
Place of publication United States
Publisher IEEE
Abstract Windows XP is the dominant operating system in the world today and rootkits have been a major concern for XP users. This paper provides an in-depth analysis of the rootkits that target that operating system, while focusing on those that use various hooking techniques to hide malware on a machine. We identify some of the weaknesses in the Windows XP architecture that rootkits exploit and then evaluate some of the anti-rootkit security features that Microsoft has unveiled in Vista and 7. To reduce the number of rootkit infections in the future, we suggest that Microsoft should take full advantage of Intel's four distinct privilege levels.
Peer Reviewed Yes
Published Yes
Alternative URI http://dx.doi.org/10.1109/CTC.2010.9
Copyright Statement Copyright 2010 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
ISBN 9781424480548
Conference name Second Cybercrime and Trustworthy Computing Workshop (CTC 2010)
Location Ballarat
Date From 2010-07-19
Date To 2010-07-20
URI http://hdl.handle.net/10072/37830
Date Accessioned 2011-02-03
Date Available 2011-06-20T06:48:48Z
Language en_AU
Research Centre Institute for Integrated and Intelligent Systems
Faculty Faculty of Science, Environment, Engineering and Technology
Subject Computer System Security
Publication Type Conference Publications (Full Written Paper - Refereed)
Publication Type Code e1
