Using a sandbox for malware analysis has proven effective in helping people quickly understand the behavior of unknown malware. This technique is also complementary to other malware analysis techniques such as static code analysis and debugger-based code analysis. This paper presents Rkprofiler, a sandbox-based malware tracking system that dynamically
Despite many advances in system security, rootkits remain a threat to major operating systems. First, this paper discusses why kernel integrity verification is not sufficient to counter all types of kernel rootkits, and a confidentiality-violation rootkit is demonstrated to evade all integrity verifiers. Then, the paper presents DARK, a rootkit prevention
For my family. ACKNOWLEDGEMENTS. First of all, I wish to express my sincere thanks to my advisor, Dr. John Copeland, for his insightful guidance, endless patience and support. Without his help, this research could not have been completed. I am indebted to him. Dr. Alessandro (Alex) Orso and Dr. Raheem Beyah for their valuable time, professional suggestions