Name
Abstract | ||
|---|---|---|
Contemporary malware authors attempt many ways to make its products "invisible" for antymalware programs, and after infection deeply conceal its operation from users sight. The presence of concealed malware can be detected many ways. Most of them operate "on demand" and provides high scanning overload of the system, blocking the chances for normal users operation. The paper presents new method of rootkit operation detection, suitable for continuous operation, based on the analysis of network activity pictures viewed from two sources (internal and external to system), along with the results of method tests on virtual machines infected with the selected rootkits code samples. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1007/978-3-642-38865-1_17 | Communications in Computer and Information Science |
Keywords | DocType | Volume |
network flows monitoring,network auditing,rootkit traffic detection | Conference | 370 |
ISSN | Citations | PageRank |
1865-0929 | 1 | 0.47 |
References | Authors | |
5 | 1 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Mirosław Skrzewski | 1 | 20 | 4.22 |