An Improved Kernel Trojan Horse Architecture Model

  • Conference paper
  • 1587 Accesses

Part of the book series: Lecture Notes in Electrical Engineering (LNEE, volume 157)

Abstract

As a new kind of Trojan horse that incorporates kernel rootkit technologies, the kernel Trojan horse has received a great deal of attention and has been widely used. However, a kernel Trojan that follows the traditional architecture model fully exposes its sensitive properties to security software and relies on a kernel concealment module to do all of the hiding work; as a result, the concealment module is too large and is easily detected by security software. Based on an analysis of the Trojan collaborative concealment model, this paper improves the traditional architecture model and introduces a pure kernel Trojan horse architecture model with a lightweight concealment module. Furthermore, an example that adopts the improved model is presented in this paper. The experimental results verify the feasibility and efficiency of the improved model.



Corresponding author

Correspondence to Mingwei Zhao.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhao, M., Jiang, R. (2012). An Improved Kernel Trojan Horse Architecture Model. In: Gaol, F. (eds) Recent Progress in Data Engineering and Internet Technology. Lecture Notes in Electrical Engineering, vol 157. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28798-5_18

  • DOI: https://doi.org/10.1007/978-3-642-28798-5_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28797-8

  • Online ISBN: 978-3-642-28798-5

  • eBook Packages: Engineering, Engineering (R0)
