A Brief Survey on Rootkit Techniques in Malicious Codes
Sungkwan Kim1, Junyoung Park1, Kyungroul Lee1, Ilsun You2, and Kangbin Yim1*
1Soonchunhyang University
Shinchang-myun, Asan-si, Republic of Korea
{carpedm, wwkim3, apple, yim}@sch.ac.kr
2Korean Bible University
Seoul, Republic of Korea
isyou@bible.ac.kr
Abstract
Malicious code is increasing significantly, causing serious damage to information systems. It is worth noting that such code generally depends on rootkit techniques to make itself more difficult to analyze and detect. Research on rootkits is therefore of paramount importance for defending effectively against malicious code. In this paper, we explore and survey rootkit techniques at both the user level and the kernel level. Several rootkit samples are also used for testing and verification.
Keywords: rootkit, malicious codes, keyboard security
*Corresponding author: LISA Laboratory, Soonchunhyang University, 9418, Engineering Building, 646, Eupnae-ri, Shinchang-myun, Asan-si, Chungcheongnam-do, Republic of Korea, Tel: +82-(0)415301741, Web: http://lisa.sch.ac.kr
Journal of Internet Services and Information Security (JISIS), 2(3/4): 134-147, November 2012