Invention Grant
- Patent Title: Discovery of kernel rootkits by detecting hidden information
- Patent Title (中): 通过检测隐藏信息发现内核rootkit
-
Application No.: US11244673Application Date: 2005-10-05
-
Publication No.: US07841006B2Publication Date: 2010-11-23
- Inventor: Paul A. Gassoway
- Applicant: Paul A. Gassoway
- Applicant Address: US NY Islandia
- Assignee: Computer Associates Think, Inc.
- Current Assignee: Computer Associates Think, Inc.
- Current Assignee Address: US NY Islandia
- Agency: Baker Botts L.L.P.
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F12/14 ; G06F12/16
Abstract:
In accordance with a particular embodiment of the present invention, a method of detecting kernel level rootkits includes requesting first information from a kernel level process, the first information including first contents. The first information is received at a user level process. The method also includes compiling second information at kernel level, the second information including second contents corresponding to an expected first contents of the first information. The first contents are compared to the second contents.
Public/Granted literature
- US20070079178A1 Discovery of kernel rootkits by detecting hidden information Public/Granted day:2007-04-05
Information query
