Dannie M. Stanley

Learn More
• Static objects are identified using kernel-exported mapping information. • Dynamic object [de]allocations are reported by annotated kernel memory functions with hypercalls. • Memory ranges are extracted from function arguments and return values. • Call stack information is used to derive data types. • Pages that contain allocated kernel objects are(More)
The vast majority of hosts on the Internet, including mobile clients, are running on one of three major operating system families. Malicious operating system kernel software, such as the code introduced by a kernel rootkit, is strongly dependent on the organization of the victim operating system. Due to the lack of diversity of operating systems, attackers(More)
ii To my wife, my parents, and my children. iii ACKNOWLEDGMENTS I would like to express my deep appreciation and gratitude to my advisors Dr. and the many wonderful opportunities that they afforded me. I am fortunate to have the opportunity to learn from such highly respected and accomplished mentors. would also like to thank my additional committee members(More)
  • 1