dc.contributor.author: Lobo, Desmond
dc.contributor.author: Watters, Paul
dc.contributor.author: Wu, Xin-Wen
dc.contributor.editor: ICCSN
dc.date.accessioned: 2017-05-03T15:50:36Z
dc.date.available: 2017-05-03T15:50:36Z
dc.date.issued: 2010
dc.date.modified: 2012-09-02T23:02:19Z
dc.identifier.doi: 10.1109/ICCSN.2010.14
dc.identifier.uri: http://hdl.handle.net/10072/37697
dc.description.abstract: Rootkits refer to software that is used to hide the presence of malware from system/network administrators and permit an attacker to take control of a computer. In our previous work, we designed a system that would categorize rootkits based on the hooks that had been created. Focusing on rootkits that use inline function hooking techniques, we showed that our system could successfully categorize a sample of rootkits using unsupervised EM clustering. In this paper, we extend our previous work by outlining a new procedure to help system/network administrators identify the rootkits that have infected their machines. Using a logistic regression model for profiling families of rootkits, we were able to identify at least one of the rootkits that had infected each of the systems that we tested.
dc.description.peerreviewed: Yes
dc.description.publicationstatus: Yes
dc.format.extent: 310023 bytes
dc.format.mimetype: application/pdf
dc.language: English
dc.language.iso: eng
dc.publisher: IEEE Computer Society
dc.publisher.place: Washington, DC, USA
dc.relation.ispartofstudentpublication: N
dc.relation.ispartofconferencename: 2010 International Conference on Communication Software and Networks
dc.relation.ispartofconferencetitle: Proceedings of the 2010 Second International Conference on Communication Software and Networks
dc.relation.ispartofdatefrom: 2010-02-26
dc.relation.ispartofdateto: 2010-02-28
dc.relation.ispartoflocation: Singapore
dc.rights.retention: Y
dc.subject.fieldofresearchcode: 280505
dc.title: A New Procedure to Help System/Network Administrators Identify Multiple Rootkit Infections
dc.type: Conference output
dc.type.description: E1 - Conferences
dc.type.code: E - Conference Publications
gro.rights.copyright: © 2010 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
gro.date.issued: 2010
gro.hasfulltext: Full Text
gro.griffith.author: Wu, Xin-Wen


This item appears in the following Collection(s)

  • Conference outputs
    Contains papers delivered by Griffith authors at national and international conferences.
