%0 Journal Article
%T Analyse the Undetectable Behavior of Rootkits on System Services
Analysis of the Hiding Behavior of Rootkits on System Services
%A LONG Hai
%A HAO Dong-bai
%A HUANG Hao
%A 龙海
%A 郝东白
%A 黄皓
%J 计算机科学
%D 2008
%I
%X Hooking system services to hide the presence of objects such as processes, files, registry keys, and open ports is the most popular method used by rootkits. However, a great many rootkit detection methods cannot tell the relationship between the rootkits and the hidden objects. By analyzing the undetectable behavior of user-mode or kernel-mode rootkits on system services, six hiding models are built. We develop a method to reveal the objects hidden by the rootkits when the rootkits are detected through analyzing the binary...
%K Rootkits
%K System service
%K Behavior
%K Control-flow graph
%K Data-flow graph
%K Call graph
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=64A12D73428C8B8DBFB978D04DFEB3C1&aid=06803EDCB590EEFEFDF68A6AF2C0DEDA&yid=67289AFF6305E306&vid=6209D9E8050195F5&iid=B31275AF3241DB2D&sid=89F76E117E9BDB76&eid=F24949CFDB502409&journal_id=1002-137X&journal_name=计算机科学&referenced_num=0&reference_num=12