Countering kernel rootkits with lightweight hook protection
[1] Zhenkai Liang, et al. HookFinder: Identifying and Understanding Malware Hooking Behaviors, 2008, NDSS.
[2] David Lie, et al. Hypervisor Support for Identifying Covertly Executing Binaries, 2008, USENIX Security Symposium.
[3] William A. Arbaugh, et al. Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor, 2004, USENIX Security Symposium.
[4] Wenke Lee, et al. K-Tracer: A System for Extracting Kernel Malware Behavior, 2009, NDSS.
[5] Lars Ole Andersen, et al. Program Analysis and Specialization for the C Programming Language, 2005.
[6] Xuxian Jiang, et al. Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction, 2007, CCS '07.
[7] Felix C. Freiling, et al. Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms, 2009, USENIX Security Symposium.
[8] Michael W. Hicks, et al. Automated detection of persistent kernel control-flow attacks, 2007, CCS '07.
[9] William A. Arbaugh, et al. An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data, 2006, USENIX Security Symposium.
[10] Hovav Shacham, et al. When good instructions go bad: generalizing return-oriented programming to RISC, 2008, CCS.
[11] Xuxian Jiang, et al. Multi-aspect profiling of kernel rootkit behavior, 2009, EuroSys '09.
[12] Tal Garfinkel, et al. A Virtual Machine Introspection Based Architecture for Intrusion Detection, 2003, NDSS.
[13] Galen C. Hunt, et al. Detours: binary interception of Win32 functions, 1999.
[14] Yi-Min Wang, et al. Detecting stealth software with Strider GhostBuster, 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).
[15] Crispan Cowan, et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks, 1998, USENIX Security Symposium.
[16] Zhi Wang, et al. Countering Persistent Kernel Rootkits through Systematic Hook Discovery, 2008, RAID.
[17] Heng Yin, et al. Panorama: capturing system-wide information flow for malware detection and analysis, 2007, CCS '07.
[18] Hovav Shacham, et al. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86), 2007, CCS '07.
[19] Xuxian Jiang, et al. Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing, 2008, RAID.
[20] Adrian Perrig, et al. SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes, 2007, SOSP.
[21] Wenke Lee, et al. Lares: An Architecture for Secure Active Monitoring Using Virtualization, 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[22] Christopher Krügel, et al. Exploring Multiple Execution Paths for Malware Analysis, 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).