Rootkit Detection Mechanisms for Linux Systems
2023 9th International Conference on Computer and Communications (ICCC) (2023)
Abstract
To improve the detection of rootkits on Linux systems, this study analyzes the principles of existing rootkits in depth and proposes a precise rootkit detection mechanism based on Kprobe technology. The mechanism instruments relevant function execution points within the Linux kernel to obtain a reliable and accurate kernel-level view, and combines this with audit tools that provide a user-level view, so that hidden rootkits can be detected through cross-view comparison. In the experimental phase, mainstream rootkits were used to test the mechanism's effectiveness. The experimental results demonstrated outstanding detection capabilities of the proposed mechanism.