Invention Grant
- Patent Title: Discovery of kernel rootkits with memory scan
- Patent Title (中): 用内存扫描发现内核rootkit
-
Application No.: US11244672Application Date: 2005-10-05
-
Publication No.: US08572371B2Publication Date: 2013-10-29
- Inventor: Paul A. Gassoway
- Applicant: Paul A. Gassoway
- Applicant Address: US NY Islandia
- Assignee: CA, Inc.
- Current Assignee: CA, Inc.
- Current Assignee Address: US NY Islandia
- Agency: Baker Botts, L.L.P.
- Main IPC: G06F21/00
- IPC: G06F21/00

Abstract:
A system and method are provided for detecting kernel level rootkits including scanning a kernel memory using a kernel level detector. The kernel level detector includes kernel level code executing in kernel space. The kernel memory is compared to at least one rootkit signature file to determine if a rootkit signature corresponding to the rootkit signature file is present in the kernel memory.
Public/Granted literature
- US20070078915A1 Discovery of kernel rootkits with memory scan Public/Granted day:2007-04-05
Information query