Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Wang Chi-wei | en_US |
| dc.contributor.author | Chen Chong-kuan | en_US |
| dc.contributor.author | Wang Chia-wei | en_US |
| dc.contributor.author | Shieh Shiuhpyng | en_US |
| dc.date.accessioned | 2015-12-04T07:03:12Z | - |
| dc.date.available | 2015-12-04T07:03:12Z | - |
| dc.date.issued | 2015-08-27 | en_US |
| dc.identifier.govdoc | G06F021/56 | zh_TW |
| dc.identifier.uri | http://hdl.handle.net/11536/128685 | - |
| dc.description.abstract | A method for determining whether a to-be-tested program contains malicious behavior is disclosed. The method includes steps of providing an emulator having a kernel and a plurality of installed hook points, wherein the kernel has a plurality of in-kernel functions; executing the to-be-tested program in the emulator dynamically to invoke the plurality of installed hook points to obtain a specific in-kernel function set from the plurality of in-kernel functions; and determining whether the to-be-tested program contains instructions for malicious behavior based on an invocation sequence of the specific in-kernel function set. | zh_TW |
| dc.language.iso | zh_TW | en_US |
| dc.title | METHOD OF GENERATING IN-KERNEL HOOK POINT CANDIDATES TO DETECT ROOTKITS AND THE SYSTEM THEREOF | zh_TW |
| dc.type | Patents | en_US |
| dc.citation.patentcountry | USA | zh_TW |
| dc.citation.patentnumber | 20150242626 | zh_TW |
| Appears in Collections: | Patents | |
- MrKIP: Rootkit Recognition With Kernel Function Invocation Pattern / Wang, Chi-Wei;Chen, Chong-Kuan;Wang, Chia-Wei;Shieh, Shiuhpyng Winston
- 基於內核函數呼叫模式之惡意程式種類辨認方法 / 劉芳瑜;謝續平;Shieh, Shiuhpyng
- ProbeBuilder - Automating Probe Construction in Virtual Machine Introspection through Uncovering Opaque Kernel Data Structures / 王繼偉;Wang, Chi-Wei;謝續平;Shieh, Shiuhpyng
- 虛擬機記憶體與磁碟狀態之觀測與操控 / 黃俊祺;Huang, Chun-Chi;吳育松;Wu, Yu-Sung
- 前瞻性雲端安全儲存、防護、行為分析與觀測平台---子計畫二:基於機器碼之Windows惡意程式行為分析雲端平台( II ) / 謝續平;SHIEH SHIUH-PYNG
Loading...