"A Study of Rootkit Stealth Techniques and Associated Detection Methods" by Daniel D. Nerenberg

Date of Award

3-5-2007

Document Type

Thesis

Degree Name

Master of Science in Computer Engineering

Department

Department of Electrical and Computer Engineering

First Advisor

Paul Williams, PhD

Abstract

In today's world of advanced computing power at the fingertips of any user, we must constantly think of computer security. Information is power, and this power is held within our computer systems. If we cannot trust the information within our computer systems, then we cannot properly wield the power that comes from such information. Rootkits are software programs designed to develop and maintain an environment in which malware may hide on a computer system after successful compromise of that system. Rootkits cut at the very foundation of the trust that we put in our information and subsequent power. This thesis seeks to understand rootkit hiding techniques and rootkit finding techniques, and develops attack trees and defense trees in order to help us identify deficiencies in detection and further increase the trust in our information systems.

AFIT Designator

AFIT-GCE-ENG-07-10

DTIC Accession Number

ADA519999
