| 发明名称 |
DISCOVERY OF KERNEL ROOTKITS WITH MEMORY SCAN |
| 摘要 |
<p>A system and method are provided for detecting kernel level rootkits including scanning a kernel memory using a kernel level detector. The kernel level detector includes kernel level code executing in kernel space. The kernel memory is compared to at least one rootkit signature file to determine if a rootkit signature corresponding to the rootkit signature file is present in the kernel memory.</p> |
| 申请公布号 |
WO2007044499(A1) |
申请公布日期 |
2007.04.19 |
| 申请号 |
WO2006US39088 |
申请日期 |
2006.10.04 |
| 申请人 |
COMPUTER ASSOCIATES THINK, INC.;GASSOWAY, PAUL, A. |
发明人 |
GASSOWAY, PAUL, A. |
| 分类号 |
G06F21/02 |
主分类号 |
G06F21/02 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
