Research on the Principle of Bootkit
As defensive and detection software has become effective at protecting information systems from damage by malware, malware has become more and more advanced as well. Current malware continues to penetrate into the lowest layers of the computer system. The bootkit is the newest product of this research. A bootkit is highly stealthy and resists most detection tools, which seriously harms information security. To research how to detect bootkits, we first have to understand their principle. The research history and current state of bootkits are introduced first. Several important technologies related to bootkits are then described in detail. Further, the boot process of the computer system is analyzed in detail. Then the principle of the bootkit is presented comprehensively through three categories of bootkit. Finally, we conclude the paper and indicate future work.
Bootkit; BIOS; MBR; NTLDR
Yu Zhu, Shengli Liu, Hongbo Gao, Yongjun Shen, Lei Meng
Zhengzhou Institute of Information Science and Technology, Zhengzhou, China
International conference
Taiyuan
English
196-199
2011-02-26 (date first made available online on the Wanfang platform; this does not represent the paper's publication date)