Invention Grant
US08572371B2 Discovery of kernel rootkits with memory scan 有权
用内存扫描发现内核rootkit

  • Patent Title: Discovery of kernel rootkits with memory scan
  • Patent Title (中): 用内存扫描发现内核rootkit
  • Application No.: US11244672
    Application Date: 2005-10-05
  • Publication No.: US08572371B2
    Publication Date: 2013-10-29
  • Inventor: Paul A. Gassoway
  • Applicant: Paul A. Gassoway
  • Applicant Address: US NY Islandia
  • Assignee: CA, Inc.
  • Current Assignee: CA, Inc.
  • Current Assignee Address: US NY Islandia
  • Agency: Baker Botts, L.L.P.
  • Main IPC: G06F21/00
  • IPC: G06F21/00
Discovery of kernel rootkits with memory scan
Abstract:
A system and method are provided for detecting kernel level rootkits including scanning a kernel memory using a kernel level detector. The kernel level detector includes kernel level code executing in kernel space. The kernel memory is compared to at least one rootkit signature file to determine if a rootkit signature corresponding to the rootkit signature file is present in the kernel memory.
Public/Granted literature
Information query
Patent Agency Ranking
0/0