完整後設資料紀錄
DC 欄位語言
dc.contributor.authorSun, Hung-Min
dc.contributor.authorTseng, Yu-Tung
dc.contributor.authorLin, Yue-Hsun
dc.date.accessioned2009-08-23T04:42:52Z
dc.date.accessioned2020-05-25T06:54:45Z-
dc.date.available2009-08-23T04:42:52Z
dc.date.available2020-05-25T06:54:45Z-
dc.date.issued2007-01-29T08:23:08Z
dc.date.submitted2006-12-04
dc.identifier.urihttp://dspace.lib.fcu.edu.tw/handle/2377/3598-
dc.description.abstractIn present Microsoft Windows operating system, there are unofficial approaches to inject code into other running processes. We discuss the methods and corresponding potential threats in this paper. Malicious software may use these approaches to infect authorized processes to launch attacks inside the system even under the protection of antivirus and firewall software. After analyzing these runtime code injections, we proposed the mechanism – Detecting the Code Injection Engine (DCIE). DCIE is implemented as a loadable kernel-mode driver that is able to detect runtime code injections, and the maximal overhead caused by DCIE is less than 3.26%. The minor overhead makes DCIE suitable to be installed on Windows OS or combine with other software to increase system security.
dc.description.sponsorship元智大學,中壢市
dc.format.extent6p.
dc.format.extent430187 bytes
dc.format.mimetypeapplication/pdf
dc.language.isozh_TW
dc.relation.ispartofseries2006 ICS會議
dc.subject.otherNetwork and System Security
dc.titleDetecting the Code Injection by Hooking System Calls in Windows Kernel Mode
分類:2006年 ICS 國際計算機會議

文件中的檔案:
檔案 描述 大小格式 
ce07ics002006000144.pdf420.1 kBAdobe PDF檢視/開啟


在 DSpace 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。