|
|||||
|
|
| Rootkit隐藏技术与检测方法研究 | |
| 引用本文: | 姜辉,杨峰,段海新.Rootkit隐藏技术与检测方法研究[J].小型微型计算机系统,2012,33(5):1006-1011. |
| 作者姓名: | 姜辉 杨峰 段海新 |
| 作者单位: | 1. 山东省网络环境智能计算技术重点实验室,济南250022;清华大学信息网络工程研究中心,北京100084 2. 清华大学计算机科学与技术系,北京,100084 3. 清华大学信息网络工程研究中心,北京,100084 |
| 基金项目: | 国家“九七三”重点基础研究发展计划项目,国家自然科学基金青年基金 |
| 摘 要: | 近些年来,恶意代码攻击的目的由破坏炫耀向经济利益转变,因而更加注重自身的隐藏.Rootkit具有隐蔽性强、特权级高等特点,成为主机安全的严重威胁.硬件虚拟化技术出现后,Rootkit扩展到了操作系统外部,对检测技术提出了新的挑战.本文总结了近几年网络安全领域中Rootkit隐藏技术和检测技术的研究进展,分析了各自面临的问题,并基于对Rootkit隐藏技术和检测技术的分析,探讨Rootkit检测技术的发展趋势. |
| 关 键 词: | 网络安全 Rootkit 恶意代码 硬件虚拟化 |
Research of Rootkit Technology and Detection Method |
|
| JIANG Hui , YANG Feng , DUAN Hai-xin.Research of Rootkit Technology and Detection Method[J].Mini-micro Systems,2012,33(5):1006-1011. | |
| Authors: | JIANG Hui YANG Feng DUAN Hai-xin |
| Affiliation: | 1(Shandong Provincial Key Laboratory of Network Based Intelligent Computing,Jinan 250022,China) 2(Department of Computer Science & Technology,Tsinghua University,Beijing 100084,China) 3(Network Research Center,Tsinghua University,Beijing 100084,China) |
| Abstract: | In recent years,the purpose of malicious code is changing to economic benefit instead of making damage and gain fame and glory.The malicious authors put more efforts to hide their malware.Rootkit has the characteristics of strong hidden ability and high privilege.So it is a serious threat of host security.As Hardware Virtualization Technology comes out,Rootkit extends to the outside of operating system and presents new challenges to detection technology.This paper,makes a summary of Rootkit hiding and detection technology these years,analysis the problem them facing and discusses the trends of Rootkit detection technology. |
| Keywords: | network security rootkit malware hardware virtualization |
| 本文献已被 CNKI 万方数据 等数据库收录! | |