| 发明名称 |
Automated rootkit detector |
| 摘要 |
Embodiments of a RootKit detector are directed to identifying a RootKit on a computer that is designed to conceal malware. Aspects of the RootKit detector leverage services provided by kernel debugger facilities to automatically obtain data in specified data structures that are maintained by an operating system. Then the data obtained from the kernel debugger facilities is processed with an integrity checker that determines whether the data contains properties sufficient to declare that a RootKit is resident on the computer.
|
| 申请公布号 |
US2006294592(A1) |
申请公布日期 |
2006.12.28 |
| 申请号 |
US20050170792 |
申请日期 |
2005.06.28 |
| 申请人 |
MICROSOFT CORPORATION |
发明人 |
POLYAKOV ALEXEY A.;LOIHLE GRETCHEN L.;COSTEA MIHAI;HENSING ROBERT J.JR.;FIELD SCOTT A.;ORGOVAN VINCENT R.;WANG YI-MIN;LIN YUN |
| 分类号 |
G06F12/14 |
主分类号 |
G06F12/14 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
