关键词: Rootkit 隐藏 系统服务描述表 挂钩

Abstract:

The paper analyses different techniques of the Rootkit detection, which integrates the implementation of Windows rootkits that are widely spreaded on   the Internet, and points out their limitation. On this basis, a method based on cross-view is proposed to detect malicious programs, subsequently the ma   in idea and implementation steps are presented. Experimental results demonstrate the efficiency of our method.

Key words: Rootkit, hide, SSDT, hook