首页> 美国政府科技报告 >Taxonomy of Software Deceptive Interpretation in the Linux Operating System

【24h】

Taxonomy of Software Deceptive Interpretation in the Linux Operating System

机译：Linux操作系统中软件欺骗性解释的分类

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Rootkits are malicious tools installed on compromised computer systems that help intruders take advantage of and maintain unauthorized access. Modern rootkits routinely employ deceptive interpretation to evade detection. This allows them to remain hidden and operational for extended periods of time, drastically prolonging and escalating the damage from the system compromise. This report investigates the concept of deceptive interpretation in order to explore high assurance approaches to detect rootkits. A taxonomy was developed through a systematic analysis of the Linux operating system that enumerates all possible mechanisms of performing software deceptive interpretation. Many novel mechanisms, not yet implemented in published rootkits, were discovered and included in the taxonomy. Categorization was based on the system objects that need to be modified for the deceptive interpretation mechanism. As a result, detectors that target the set of system objects associated with a category will be able to detect all deceptive interpreters in that category including previously unknown implementations. This work can serve as the basis for developing an alternative to the signature-based approach with the capability to provide categorical protection against deceptive interpreters and rootkits.

著录项

作者
Luo, J. ; Li, M. ; Khashnobish, A. ; McDermott, J. ; Froscher, J.;
展开▼
作者单位

展开▼
年度 2004
页码 1-56
总页数 56
原文格式 PDF
正文语种 eng
中图分类工业技术;
关键词
Data processing security; Deception; Taxonomy; Computer viruses; Information security; Intrusion detection(Computers); Detectors; Operating systems(Computers); Computer networks;

机译：数据处理安全;欺骗;分类;计算机病毒;信息安全;入侵检测（计算机）;探测器;操作系统（计算机）;计算机网络;

相似文献

外文文献
中文文献
专利

1. PMICALC: an R code-based software for estimating post-mortem interval (PMI) compatible with Windows, Mac and Linux operating systems. [J] . Munoz Barus JI, Rodriguez Calvo MS, Suarez Penaranda JM, Forensic science international . 2010,第1a3期

机译：PMICALC：一种基于R代码的软件，用于估计与Windows，Mac和Linux操作系统兼容的验尸间隔（PMI）。
2. Securing the Operating System A Software Based Approach in Linux [J] . Prabhav S, Madhav V Deshpande, Rakshak R Kamath, International Journal of Computer Trends and Technology . 2017,第3期

机译：保护操作系统安全Linux中基于软件的方法
3. Monitoring Software Now Powered by Linux Operating System [J] . International environmental technology . 2016,第3期

机译：现在由Linux操作系统支持的监视软件
4. Software Architecture for a Humanoid Robot Teleoperation Based on RT-Linux/Linux/Windows Operating System [C] . Yuepin Lu, Qiang Huang, Lei Zhang, IEEE International Conference on Mechatronics and Automation; 20060625-28; Luouang(CN) . 2006

机译：基于RT-Linux / Linux / Windows操作系统的仿人机器人遥操作软件体系结构
5. Real-time operating systems: A comparative study. A comparative study between Windows NT 4.0 and Linux. [D] . Aly, Seham Saber. 1998

机译：实时操作系统：一项比较研究。 Windows NT 4.0和Linux之间的比较研究。
6. Software and Hardware Requirements and Trade-Offs in Operating Systems for Wearables: A Tool to Improve Devices’ Performance [O] . Vicente J. P. Amorim, Mateus C. Silva, Ricardo A. R. Oliveira 2019

机译：可穿戴设备操作系统中的软件和硬件要求以及取舍：提高设备性能的工具
7. An implementation of the linux software repository model for other operating systems [O] . Neil Mcnab, Anthony Bryan 2009

机译：用于其他操作系统的linux软件存储库模型的实现

Taxonomy of Software Deceptive Interpretation in the Linux Operating System

摘要

著录项

相似文献

相关主题

期刊订阅