Issue No.01 - January/February (2006 vol.4)
John G. Levine , Georgia Institute of Technology
Julian B. Grizzard , Georgia Institute of Technology
Henry L. Owen , Georgia Institute of Technology
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2006.11
Existing techniques to detect kernel-level rootkits expose some infections, but they don't identify specific attacks. This rootkit categorization approach helps system administrators identify the extent of specific infections, aiding in optimal recovery and faster reactions to future attacks.
Invasive software, rootkits, rootkit
John G. Levine, Julian B. Grizzard, Henry L. Owen, "Detecting and Categorizing Kernel-Level Rootkits to Aid Future Detection", IEEE Security & Privacy, vol.4, no. 1, pp. 24-32, January/February 2006, doi:10.1109/MSP.2006.11