A Methodology to Detect Malware B ased on the NTFS File System
By researching on the current developing trends of malicious programs,systematically comparing the various technologies and methodoiogies Which are with respect to the hiding and detection of the files,and theu comprehensively analyzing their deficiencies.we finally provide a brand-new hiding and detection methodology based on the NTFS nle system.Which makes the detection more integrated and reliable,especially on malicious programs.The experiment indicates that this methodology can almost detect all the current malicious programs Which use hiding file technology.
Malware NTFS file system File hiding and detection Rootkit file system
Guangyuan Yang Yichao Li Xiaodong Li
国际会议
The International Conference Information Computing and Automation(2007国际信息计算与自动化会议)
成都
英文
75-78
2007-12-19(万方平台首次上网日期,不代表论文的发表时间)