Research on Occultation Techniques of Kernel Rootkit Based on File System Filter Driver

journal6 ›› 2010, Vol. 31 ›› Issue (3): 43-46.

• Computer • Previous Articles Next Articles

Research on Occultation Techniques of Kernel Rootkit Based on File System Filter Driver

(College of Physics Science and Information Engineering，Jishou University，Jishou 416000,Hunan China)

Online:2010-05-25 Published:2012-04-17

Abstract

Abstract: A Rootkit is a set of programs and code that allows a permanent or consistent，undetectable presence on a computer.Windows kernel Rootkit based on file system filter driver has been researched.The work principle of file system filter driver and the realization of filter driver and occultation techniques of kernel Rootkit based on file system filter driver have been introduced.The techniques of Rootkit detection have been discussed.

Key words: file system, Rootkit, filter driver, occultation

HOU Chun-Ming, LIU Lin. Research on Occultation Techniques of Kernel Rootkit Based on File System Filter Driver[J]. journal6, 2010, 31(3): 43-46.

Research on Occultation Techniques of Kernel Rootkit Based on File System Filter Driver

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 1

Recommended Articles 0

Metrics

Comments