Title :
Virus Analysis on IDT Hooks of Rootkits Trojan
Author :
Wang, Yong ; Gu, Dawu ; Li, Wei ; Li, Jing ; Wen, Mi
Abstract :
Rootkit Trojan viruses, which can control attacked computers, delete important files and even steal passwords, are very popular now. The Interrupt Descriptor Table (IDT) hook is a kernel-level rootkit technique used by Trojans. This paper analyzes in depth the IDT hook handling procedure of rootkit Trojans, following the methods of previous researchers. We compare IDT structures and programs to find how Trojan interrupt handler code can respond to interrupt vector requests in both real address mode and protected address mode. Finally, we analyze IDT hook detection methods for rootkit Trojans using WinDbg or other professional tools.
Keywords :
computer viruses; security of data; interrupt descriptor table hook; rootkits Trojan virus; virus analysis; Central Processing Unit; Computer hacking; Computer science; Electronic commerce; Hardware; Information analysis; Kernel; Power engineering and energy; Protection; Registers; IDT hook; Trojan; rootkit; virus;
Conference_Title :
Information Engineering and Electronic Commerce, 2009. IEEC '09. International Symposium on
Conference_Location :
Ternopil
Print_ISBN :
978-0-7695-3686-6
DOI :
10.1109/IEEC.2009.52