[1] JERLIN M A. A review on advanced evasion techniques[J]. International Journal of Pharmacy & Technology, 2016, 8(4): 4917-4924.
[2] XIA H, XU Y, XIA H, et al. Design and research of safety test model based on advanced evasion techniques[C]// Global Conference on Mechanics and Civil Engineering (GCMCE2017), April 21-23, 2017, Nanjing, China. [S.l.: s.n.], 2017: 92-96.
[3] GURI M, POLIAK Y, SHAPIRA B, et al. JoKER: trusted detection of Kernel Rootkits in Android devices via JTAG interface[C]// IEEE Trustcom/BigDataSE/ISPA, Aug 20-22, 2015, Helsinki, Finland. Washington DC: IEEE Computer Society, 2015: 65-73.
[4] DAMOPOULOS D, KAMBOURAKIS G, GRITZALIS S. iSAM: an iPhone stealth airborne malware[J]. IFIP Advances in Information & Communication Technology, 2017: 17-28.
[5] VETTER J, JUNKER-PETSCHICK M, NORDHOLZ J, et al. Uncloaking Rootkits on mobile devices with a hypervisor-based detector[C]// International Conference on Information Security and Cryptology, March 10, 2016, Seoul, South Korea. Berlin: Springer Press, 2016: 262-277.
[6] ZHANG Y, LIU Q Z, LI T, et al. Research and development of Rootkit[J]. Journal of University of Electronic Science and Technology of China, 2015, 44(4): 563-578.
[7] RICHER T J, NEALE G, OSBORNE G. On the effectiveness of virtualisation assisted view comparison for Rootkit detection[C]// The 13th Australasian Information Security Conference, July 7-9, 2008, Sydney, Australia. Berlin: Springer Press, 2008: 35-44.
[8] DAWSON J A, MCDONALD J T, SHROPSHIRE J, et al. Rootkit detection through phase-space analysis of power voltage measurements[C]// International Conference on Malicious and Unwanted Software, Oct 11-14, 2017, Fajardo, Puerto Rico. Piscataway: IEEE Press, 2017: 19-27.
[9] YANG H Y, ZHUGE J W, LIU H M, et al. A tool for volatile memory acquisition from Android devices[C]// 12th IFIP WG 11.9 International Conference, September 20, 2016, New Delhi, India. Berlin: Springer, 2016: 365-378.
[10] JOY J, JOHN A, JOY J. Rootkit detection mechanism: a survey[J]. Communications in Computer & Information Science, 2011(203): 366-374.
[11] SYED R, GABRIEL L, MATT G, et al. Advocating for hybrid intrusion detection prevention system and framework improvement[J]. Procedia Computer Science, 2016(95): 369-374.
[12] SUN H M, WANG H, WANG K H, et al. A native APIs protection mechanism in the Kernel mode against malicious code[J]. IEEE Transactions on Computers, 2011, 60(6): 813-823.
[13] SHAID S Z M, MAAROF M A. In memory detection of Windows API call hooking technique[C]// International Conference on Computer, Communications, and Control Technology, April 21-23, 2015, Kuching, Malaysia. Piscataway: IEEE Press, 2015: 294-298.
[14] WANG Y, GU D, LI W, et al. Virus analysis on IDT hooks of Rootkits Trojan[C]// International Symposium on Information Engineering and Electronic Commerce, May 6-17, 2009, Ternopil, Ukraine. Washington DC: IEEE Computer Society, 2009: 224-228.
[15] PAN M R, CAO T J. Research on process hiding technology based on direct kernel object manipulation[J]. Computer Engineering, 2010, 36(18): 138-140.
[16] GRANISZEWSKI W, ARCISZEWSKI A. Performance analysis of selected hypervisors (virtual machine monitors-VMMs)[J]. International Journal of Electronics & Telecommunications, 2016, 62(3): 231-236.
[17] UHLIG R, NEIGER G, RODGERS D, et al. Intel virtualization technology[J]. Computer, 2005, 38(5): 48-56.
[18] KING S T, CHEN P M. SubVirt: implementing malware with virtual machines[C]// 2006 IEEE Symposium on Security and Privacy, May 21-24, 2006, Berkeley/Oakland, CA, USA. Washington DC: IEEE Computer Society, 2006: 314-327.
[19] SERGEEV A, MINCHENKOV V, BASHUN V. Malicious hypervisor and hidden virtualization of operation systems[C]// International Conference on Application of Information and Communication Technologies, Oct 14-16, 2015, Rostov on Don, Russia. Piscataway: IEEE Press, 2015: 178-182.
[20] EMBLETON S, SPARKS S, ZOU C. SMM Rootkits: a new breed of OS independent malware[J]. Security & Communication Networks, 2013, 6(12): 1590-1605.
[21] LUCKETT P, MCDONALD J T, DAWSON J. Neural network analysis of system call timing for Rootkit detection[C]// Cyber Security Symposium, April 18-20, 2016, Coeur d’Alene, ID, USA. Piscataway: IEEE Press, 2016.
[22] CASE A, III G G R. Advancing Mac OS X Rootkit detection[J]. Digital Investigation, 2015(14): S25-S33.
[23] ECKERT M, PODEBRAD I, KLAUER B. Hardware based security enhanced direct memory access[Z]. 2017.
[24] ZHU J, ZHOU T, WANG Q. Towards a novel approach for hidden process detection based on physical memory scanning[C]// Fourth International Conference on Multimedia Information Networking and Security, Nov 2-4, 2012, Nanjing, China. Washington DC: IEEE Computer Society, 2012: 662-665.
[25] MAENE P, GOTZFRIED J, CLERCQ R D, et al. Hardware-based trusted computing architectures for isolation and attestation[J]. IEEE Transactions on Computers, 2018, 67(3): 361-374.
[26] DESNOS A, FILIOL E, LEFOU I. Detecting (and creating!) a HVM Rootkit (aka BluePill-like)[J]. Journal in Computer Virology, 2011, 7(1): 23-50.
[27] ZHANG L, SHETTY S, LIU P, et al. RootkitDet: practical end-to-end defense against kernel Rootkits in a cloud environment[C]// European Symposium on Research in Computer Security, September 10, 2014, Wroclaw, Poland. Berlin: Springer, 2014: 475-493.