journal6 ›› 2010, Vol. 31 ›› Issue (3): 43-46.

• Computer • Previous Articles     Next Articles

Research on Occultation Techniques of Kernel Rootkit Based on File System Filter Driver

  

  1. (College of Physics Science and Information Engineering,Jishou University,Jishou 416000,Hunan China)
  • Online:2010-05-25 Published:2012-04-17

PDF (PC)

2457

Abstract: A Rootkit is a set of programs and code that allows a permanent or consistent,undetectable presence on a computer.Windows kernel Rootkit based on file system filter driver has been researched.The work principle of file system filter driver and the realization of filter driver and occultation techniques of kernel Rootkit based on file system filter driver have been introduced.The techniques of Rootkit detection have been discussed.

Key words: file system, Rootkit, filter driver, occultation

Copyright © 2021 Editorial Department of Journal of Jishou University(Natural Sciences)
Add. :120 South Renmin Road,Jishou,Hunan 416000,P. R. China
Tel. (86)-743-8563684 email:jdxbziran@jsu.edu.cn  https://zkxb.jsu.edu.cn
Technical Support:Beijing Magtech Co., Ltd.
WeChat e-book chaoxing Mobile QQ