TY - GEN
T1 - Implementing rootkits to address operating system vulnerabilities
AU - Corregedor, Manuel
AU - Von Solms, Sebastiaan
PY - 2011
Y1 - 2011
N2 - Statistics show that although malware detection techniques are detecting and preventing malware, they do not guarantee 100% detection and/or prevention of malware. This is especially the case when it comes to rootkits that can manipulate the operating system such that it can distribute other malware, hide existing malware, steal information, hide itself, disable anti-malware software, etc., all without the knowledge of the user. This paper will demonstrate the steps required in order to create two rootkits. We will demonstrate that by implementing rootkits or any other type of malware a researcher will be able to better understand the techniques and vulnerabilities used by an attacker. Such information could then be useful when implementing anti-malware techniques.
AB - Statistics show that although malware detection techniques are detecting and preventing malware, they do not guarantee 100% detection and/or prevention of malware. This is especially the case when it comes to rootkits that can manipulate the operating system such that it can distribute other malware, hide existing malware, steal information, hide itself, disable anti-malware software, etc., all without the knowledge of the user. This paper will demonstrate the steps required in order to create two rootkits. We will demonstrate that by implementing rootkits or any other type of malware a researcher will be able to better understand the techniques and vulnerabilities used by an attacker. Such information could then be useful when implementing anti-malware techniques.
KW - Rootkits
KW - malware
KW - security
KW - vulnerabilities
UR - http://www.scopus.com/inward/record.url?scp=80053965764&partnerID=8YFLogxK
U2 - 10.1109/ISSA.2011.6027521
DO - 10.1109/ISSA.2011.6027521
M3 - Conference contribution
AN - SCOPUS:80053965764
SN - 9781457714832
T3 - 2011 Information Security for South Africa - Proceedings of the ISSA 2011 Conference
BT - 2011 Information Security for South Africa - Proceedings of the ISSA 2011 Conference
T2 - 2011 Conference on Information Security for South Africa, ISSA 2011
Y2 - 15 August 2011 through 17 August 2011
ER -