Timely Rootkit Detection During Live Response
Document Type
Conference Proceeding
Publication Date
2008
Abstract
This paper describes a non-intrusive rootkit detection tool designed to support forensic investigations that involve the live analysis of computer systems. The tool, which does not require pre-installation, correlates outputs from multiple system data gathering utilities. Test results indicate that the tool successfully detects several well-known rootkits, including Hacker Defender, AFX, Vanquish, FU and FUto. Abstract © Springer
DOI
10.1007/978-0-387-84927-0_12
Source Publication
IFIP — The International Federation for Information Processing, vol. 285
Recommended Citation
Molina, D., Zimmerman, M., Roberts, G., Eaddie, M., & Peterson, G. (2008). Timely Rootkit Detection During Live Response. In I. Ray & S. Shenoi (Eds.), Advances in Digital Forensics IV. DigitalForensics 2008. (pp. 139–148). Boston: Springer. https://doi.org/10.1007/978-0-387-84927-0_12
Comments
The "Link to Full Text" on this page loads the PDF of the chapter, furnished through the Springer Nature SharedIt content-sharing initiative. The publisher retains permissions to re-use and distribute this chapter in IFIP vol. 285.
© IFIP International Federation for Information Processing 2008