Data Interception through Broken Concurrency in Kernel Land

  • Julian L. Rrushi
  • Published 2014 in 2014 IEEE Intl Conf on High Performance Computing…

Abstract

We present a kernel data interception technique that is undetectable by existing approaches to malware detection, and propose practical methods to detect it. The technique is based on breaking concurrency in a way that enables the attack code to take over the synchronization established by target kernel modules. That level of control allows the attack code…
DOI: 10.1109/HPCC.2014.131

3 Figures and Tables
