Abstract
Windows XP is the dominant operating system in the world today and rootkits have been a major concern for XP users. This paper provides an in-depth analysis of the rootkits that target that operating system, while focusing on those that use various hooking techniques to hide malware on a machine. We identify some of the weaknesses in the Windows XP architecture that rootkits exploit and then evaluate some of the anti-rootkit security features that Microsoft has unveiled in Vista and 7. To reduce the number of rootkit infections in the future, we suggest that Microsoft should take full advantage of Intel's four distinct privilege levels.
Original language | English |
---|---|
Title of host publication | Proceedings |
Subtitle of host publication | Second Cybercrime and Trustworthy Computing Workshop |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Pages | 69-78 |
Number of pages | 10 |
ISBN (Print) | 9780769541860 |
Publication status | Published - 2010 |
Externally published | Yes |
Event | Cybercrime and Trustworthy Computing Workshop (2nd : 2010) - Ballarat, VIC, Canada. Duration: 19 Jul 2010 → 20 Jul 2010 |
Conference
Conference | Cybercrime and Trustworthy Computing Workshop (2nd : 2010) |
---|---|
Abbreviated title | CTC 2010 |
Country/Territory | Canada |
City | Ballarat, VIC |
Period | 19/07/10 → 20/07/10 |
Keywords
- Computer security
- Intel's ring architecture
- Malicious software (malware)
- Microsoft Windows
- Rootkits