ارسل ملاحظاتك

ارسل ملاحظاتك لنا







Optimization Of Rootkit Revealing System Resources: A Game Theoretic Approach

المصدر: مجلة جامعة الملك سعود - علوم الحاسب والمعلومات
الناشر: جامعة الملك سعود
المؤلف الرئيسي: Muthumanickam, K. (Author)
مؤلفين آخرين: Ilavarasan, E. (Co-Author)
المجلد/العدد: مج27, ع4
محكمة: نعم
الدولة: السعودية
التاريخ الميلادي: 2015
الصفحات: 386 - 392
DOI: 10.33948/0584-027-004-003
ISSN: 1319-1578
رقم MD: 973717
نوع المحتوى: بحوث ومقالات
اللغة: الإنجليزية
قواعد المعلومات: science
مواضيع:
كلمات المؤلف المفتاحية:
Computer Security | Non Cooperative Game Theory | Rootkit | Resource Optimization | Windows OS
رابط المحتوى:
صورة الغلاف QR قانون
حفظ في:
المستخلص: Malicious rootkit is a collection of programs designed with the intent of infecting and monitoring the victim computer without the user’s permission. After the victim has been compromised, the remote attacker can easily cause further damage. In order to infect, compromise and monitor, rootkits adopt Native Application Programming Interface (API) hooking technique. To reveal the hidden rootkits, current rootkit detection techniques check different data structures which hold reference to Native APIs. To verify these data structures, a large amount of system resources are required. This is because of the number of APIs in these data structures being quite large. Game theoretic approach is a useful mathematical tool to simulate network attacks. In this paper, a mathematical model is framed to optimize resource consumption using game-theory. To the best of our knowledge, this is the first work to be proposed for optimizing resource consumption while revealing rootkit presence using game theory. Non-cooperative game model is taken to discuss the problem. Analysis and simulation results show that our game theoretic model can effectively reduce the resource consumption by selectively monitoring the number of APIs in windows platform.

ISSN: 1319-1578