- Title
- RBACS : Rootkit behavioral analysis and classification system
- Creator
- Lobo, Desmond; Watters, Paul; Wu, Xinwen
- Date
- 2010
- Type
- Text; Conference paper
- Identifier
- http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/55006
- Identifier
- vital:3248
- Identifier
- https://doi.org/10.1109/WKDD.2010.23
- Identifier
- ISBN:9780769539232
- Abstract
- In this paper, we focus on rootkits, a special type of malicious software (malware) that operates in an obfuscated and stealthy mode to evade detection. Categorizing these rootkits will help in detecting future attacks against the business community. We first developed a theoretical framework for classifying rootkits. Based on our theoretical framework, we then proposed a new rootkit classification system and tested our system on a sample of rootkits that use inline function hooking. Our experimental results showed that our system could successfully categorize the sample using unsupervised clustering. © 2010 IEEE.
- Publisher
- Phuket : IEEE
- Relation
- Paper presented at 3rd International Conference on Knowledge Discovery and Data Mining, WKDD 2010, Phuket : 9th-10th January 2010 p. 75-80
- Rights
- Copyright IEEE
- Rights
- Open Access
- Rights
- This metadata is freely available under a CC0 license
- Subject
- 0804 Data Format; Behavioral analysis; Classification; Data mining; Malware; Rootkits
- Full Text
File | Description | Size | Format
---|---|---|---
SOURCE1 | Published version | 326 KB | Adobe Acrobat PDF