| 摘要 |
PURPOSE: A hidden process monitoring method and a system thereof are provided to detect hidden processes which are not detected in process information of an application layer without requirement of kernel layer information. CONSTITUTION: A hidden process monitoring system monitors a process in an application layer(S200). If work window information of the application layer is monitored, the system compares the process of the application layer and working window information of the application layer(S202,S204). The system detects a hidden process(S206). The hidden process is detected in the work window information. The hidden process is not detected in process information of the application layer.
|
