KRGuard: Kernel Rootkits Detection Method by Monitoring Branches Using Hardware Features
2016
2016 International Conference on Information Science and Security (ICISS)
Attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed, causing an increase in the amount of damage done to a computer system. In this paper, we discuss KRGuard (Kernel Rootkits Guard), a new method for detecting kernel rootkits by monitoring branch records in the kernel space. Since many kernel
doi:10.1109/icissec.2016.7885860
fatcat:ncbu7yrwufedllhckes22upiz4