{"product_id":"analysis-of-automated-rootkit-detection-methodologies-von-eugene-chuvyrov","title":"Analysis of Automated Rootkit Detection Methodologies","description":"\u003cp\u003eThe focus of this study was to identify, analyze, compare, and evaluate the effectiveness of rootkit detection methodologies. Specifically, two methodologies were studied in depth. The first is the heuristic of statically analyzing kernel module binaries, which attempts to determine whether or not a software module's behavior is malicious, prior to passing it to the operating system. The second methodology analyzed in this paper, the Strider Ghostbuster framework, compares what a computer system believes to be true (i.e., what modules are visible to the OS) to the absolute “truth,” which is determined via low-level system programming. The expected results of this comparison should always be equal, unless a malicious tampering on the system is observed. After comparing the effectiveness of detection methodologies on a set of well-known (and publicly available) rootkits, including a very simple rootkit built by the author, the methodologies are compared and their effectiveness is evaluated.\u003c\/p\u003e\u003cdiv class=\"aw-variant-hidden-subtitle-div\" id=\"aw-variant-subtitle-9783844384833\"\u003e\u003ch3\u003eANALYSIS, COMPARISON, AND EVALUATION OF THE EFFECTIVENESS OF ROOTKIT DETECTION METHODOLOGIES\u003c\/h3\u003e\u003c\/div\u003e","brand":"Autorenwelt Shop","offers":[{"title":"Softcover - 9783844384833","offer_id":39495931068509,"sku":"9783844384833","price":49.0,"currency_code":"EUR","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0940\/0622\/files\/5b946552-4ecb-4d63-b033-85c7232be2c4.jpg?v=1757742062","url":"https:\/\/shop.autorenwelt.de\/en\/products\/analysis-of-automated-rootkit-detection-methodologies-von-eugene-chuvyrov","provider":"Autorenwelt Shop","version":"1.0","type":"link"}