|
|||||
|
|
| 反rootkit的内核完整性检测与恢复技术 | |
| 引用本文: | 吴坤鸿,乐宏彦. 反rootkit的内核完整性检测与恢复技术[J]. 计算机工程, 2008, 34(21): 129-131 |
| 作者姓名: | 吴坤鸿 乐宏彦 |
| 作者单位: | 73630,部队,福州,350002;73630,部队,福州,350002 |
| 摘 要: | 针对rootkit恶意软件挂钩SystemServiceDispatchTable和使用内联函数补丁进行隐藏文件的原理,提出基于内核文件的完整性检测和恢复方法,结果证明了其能够确保系统获取文件等敏感信息的完整性。 |
| 关 键 词: | rootkit软件 SSDT截持 内联函数补丁 完整性恢复 |
| 修稿时间: | |
Anti-rootkit Technology of Kernel Integrity Detection and Restoration |
|
| WU Kun-hong,LE Hong-yan. Anti-rootkit Technology of Kernel Integrity Detection and Restoration[J]. Computer Engineering, 2008, 34(21): 129-131 | |
| Authors: | WU Kun-hong LE Hong-yan |
| Affiliation: | 73630,部队,福州,350002 |
| Abstract: | Aiming at the principles how rootkit malicious softwares hided files by hooking SystemServiceDispatchTable and utilizing inline function pacthing, this paper presents a method of integrity detection and restoration based on kernel file, which is proved to ensure the integrity of outcome of querying file. |
| Keywords: | rootkit SSDT hook inline function patching integrity restore |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |
| 点击此处可从《计算机工程》浏览原始摘要信息 | |
| 点击此处可从《计算机工程》下载全文 | |