ModuleGuard: A gatekeeper for dynamic module loading against malware

@article{Ding2013ModuleGuardAG,
  title={ModuleGuard: A gatekeeper for dynamic module loading against malware},
  author={Shuang Ding and Jianming Fu and Bichen Peng},
  journal={Wuhan University Journal of Natural Sciences},
  year={2013},
  volume={18},
  pages={489-498}
}
We analyze the attack steps of malware and focus on malware loading. Our assumption is that malware contains at least one module, so monitoring module loading is indispensable for defeating malware. Moreover, we design security policies and apply them when a module is loaded by the operating system. These policies depend on properties of…