RBACS: Rootkit Behavioral Analysis and Classification System

W
WKDD
2010
2010 Third International Conference on Knowledge Discovery and Data Mining
Abstract - RBACS: Rootkit Behavioral Analysis and Classification System

	This Article
	Subscribers, please Login Purchase article: $19 PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Desmond Lobo Articles by Paul Watters Articles by Xinwen Wu

2010 Third International Conference on Knowledge Discovery and Data Mining

Phuket, Thailand

January 09-January 10

ISBN: 978-0-7695-3923-2

	ASCII Text	x
	Desmond Lobo, Paul Watters, Xinwen Wu, "RBACS: Rootkit Behavioral Analysis and Classification System," International Workshop on Knowledge Discovery and Data Mining, pp. 75-80, 2010 Third International Conference on Knowledge Discovery and Data Mining, 2010.

	BibTex	x
	@article{ 10.1109/WKDD.2010.23, author = {Desmond Lobo and Paul Watters and Xinwen Wu}, title = {RBACS: Rootkit Behavioral Analysis and Classification System}, journal ={International Workshop on Knowledge Discovery and Data Mining}, volume = {0}, year = {2010}, isbn = {978-0-7695-3923-2}, pages = {75-80}, doi = {http://doi.ieeecomputersociety.org/10.1109/WKDD.2010.23}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - International Workshop on Knowledge Discovery and Data Mining TI - RBACS: Rootkit Behavioral Analysis and Classification System SN - 978-0-7695-3923-2 SP75 EP80 A1 - Desmond Lobo, A1 - Paul Watters, A1 - Xinwen Wu, PY - 2010 KW - rootkits KW - malware KW - behavioral analysis KW - classification KW - data mining VL - 0 JA - International Workshop on Knowledge Discovery and Data Mining ER -

Desmond Lobo

Paul Watters

Xinwen Wu

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/WKDD.2010.23

In this paper, we focus on rootkits, a special type of malicious software (malware) that operates in an obfuscated and stealthy mode to evade detection. Categorizing these rootkits will help in detecting future attacks against the business community. We first developed a theoretical framework for classifying rootkits. Based on our theoretical framework, we then proposed a new rootkit classification system and tested our system on a sample of rootkits that use inline function hooking. Our experimental results showed that our system could successfully categorize the sample using unsupervised clustering.

Index Terms:

rootkits, malware, behavioral analysis, classification, data mining

Citation:

Desmond Lobo, Paul Watters, Xinwen Wu, "RBACS: Rootkit Behavioral Analysis and Classification System," wkdd, pp.75-80, 2010 Third International Conference on Knowledge Discovery and Data Mining, 2010

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.