"Nice Boots!" - A Large-Scale Analysis of Bootkits and New Ways to Stop Them
Abstract
Bootkits are among the most advanced and persistent technologies used in modern malware. For a deeper insight into their behavior, we conducted the first large-scale analysis of bootkit technology, covering 2,424 bootkit samples on Windows 7 and XP over the past 8 years. From the analysis, we derive a core set of fundamental properties that hold for all bootkits on these systems and result in abnormalities during the system’s boot process. Based on those abnormalities, we developed heuristics allowing us to detect bootkit infections. Moreover, by judiciously blocking the bootkit’s infection and persistence vector, we can prevent bootkit infections in the first place. Furthermore, we present a survey on their evolution and describe how bootkits can evolve in the
Publication date: 2015