完整後設資料紀錄
DC 欄位 | 值 | 語言 |
---|---|---|
dc.contributor.author | Sun, Hung-Min | |
dc.contributor.author | Tseng, Yu-Tung | |
dc.contributor.author | Lin, Yue-Hsun | |
dc.date.accessioned | 2009-08-23T04:42:52Z | |
dc.date.accessioned | 2020-05-25T06:54:45Z | - |
dc.date.available | 2009-08-23T04:42:52Z | |
dc.date.available | 2020-05-25T06:54:45Z | - |
dc.date.issued | 2007-01-29T08:23:08Z | |
dc.date.submitted | 2006-12-04 | |
dc.identifier.uri | http://dspace.lib.fcu.edu.tw/handle/2377/3598 | - |
dc.description.abstract | In present Microsoft Windows operating system, there are unofficial approaches to inject code into other running processes. We discuss the methods and corresponding potential threats in this paper. Malicious software may use these approaches to infect authorized processes to launch attacks inside the system even under the protection of antivirus and firewall software. After analyzing these runtime code injections, we proposed the mechanism – Detecting the Code Injection Engine (DCIE). DCIE is implemented as a loadable kernel-mode driver that is able to detect runtime code injections, and the maximal overhead caused by DCIE is less than 3.26%. The minor overhead makes DCIE suitable to be installed on Windows OS or combine with other software to increase system security. | |
dc.description.sponsorship | 元智大學,中壢市 | |
dc.format.extent | 6p. | |
dc.format.extent | 430187 bytes | |
dc.format.mimetype | application/pdf | |
dc.language.iso | zh_TW | |
dc.relation.ispartofseries | 2006 ICS會議 | |
dc.subject.other | Network and System Security | |
dc.title | Detecting the Code Injection by Hooking System Calls in Windows Kernel Mode | |
分類: | 2006年 ICS 國際計算機會議 |
文件中的檔案:
檔案 | 描述 | 大小 | 格式 | |
---|---|---|---|---|
ce07ics002006000144.pdf | 420.1 kB | Adobe PDF | 檢視/開啟 |
在 DSpace 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。