Show simple item record

Field | Value | Language
dc.contributor.author | Lobo, Desmond | en_US
dc.contributor.author | Watters, Paul | en_US
dc.contributor.author | Wu, Xin-Wen | en_US
dc.contributor.editor | ICCSN | en_US
dc.date.accessioned | 2017-05-03T15:50:36Z |
dc.date.available | 2017-05-03T15:50:36Z |
dc.date.issued | 2010 | en_US
dc.date.modified | 2012-09-02T23:02:19Z |
dc.identifier.doi | 10.1109/ICCSN.2010.14 | en_US
dc.identifier.uri | http://hdl.handle.net/10072/37697 |
dc.description.abstract | Rootkits refer to software that is used to hide the presence of malware from system/network administrators and permit an attacker to take control of a computer. In our previous work, we designed a system that would categorize rootkits based on the hooks that had been created. Focusing on rootkits that use inline function hooking techniques, we showed that our system could successfully categorize a sample of rootkits using unsupervised EM clustering. In this paper, we extend our previous work by outlining a new procedure to help system/network administrators identify the rootkits that have infected their machines. Using a logistic regression model for profiling families of rootkits, we were able to identify at least one of the rootkits that had infected each of the systems that we tested. | en_US
dc.description.peerreviewed | Yes | en_US
dc.description.publicationstatus | Yes | en_US
dc.format.extent | 310023 bytes |
dc.format.mimetype | application/pdf |
dc.language | English | en_US
dc.language.iso | en_US |
dc.publisher | IEEE Computer Society | en_US
dc.publisher.place | Washington, DC, USA | en_US
dc.relation.ispartofstudentpublication | N | en_US
dc.relation.ispartofconferencename | 2010 International Conference on Communication Software and Networks | en_US
dc.relation.ispartofconferencetitle | Proceedings of the 2010 Second International Conference on Communication Software and Networks | en_US
dc.relation.ispartofdatefrom | 2010-02-26 | en_US
dc.relation.ispartofdateto | 2010-02-28 | en_US
dc.relation.ispartoflocation | Singapore | en_US
dc.rights.retention | Y | en_US
dc.subject.fieldofresearchcode | 280505 | en_US
dc.title | A New Procedure to Help System/Network Administrators Identify Multiple Rootkit Infections | en_US
dc.type | Conference output | en_US
dc.type.description | E1 - Conference Publications (HERDC) | en_US
dc.type.code | E - Conference Publications | en_US
gro.rights.copyright | Copyright 2010 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. | en_US
gro.date.issued | 2010 |
gro.hasfulltext | Full Text |


This item appears in the following Collection(s)

  • Conference outputs
    Contains papers delivered by Griffith authors at national and international conferences.
