Abstract
As a new kind of Trojan horse that incorporates kernel rootkit techniques, the kernel Trojan horse has received a great deal of attention and is widely used. However, a kernel Trojan that follows the traditional architecture model fully exposes its sensitive properties to security software and relies on a kernel concealment module to do all of the hiding work; the concealment module therefore becomes too large and is easily detected by security software. Based on an analysis of the Trojan collaborative concealment model, this paper improves the traditional architecture model and introduces a pure kernel Trojan horse architecture model with a lightweight concealment module. Furthermore, an example that adopts the improved model is presented. The experimental results verify the feasibility and efficiency of the improved model.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhao, M., Jiang, R. (2012). An Improved Kernel Trojan Horse Architecture Model. In: Gaol, F. (eds) Recent Progress in Data Engineering and Internet Technology. Lecture Notes in Electrical Engineering, vol 157. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28798-5_18
DOI: https://doi.org/10.1007/978-3-642-28798-5_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28797-8
Online ISBN: 978-3-642-28798-5
eBook Packages: Engineering, Engineering (R0)