Managed Code Rootkits : Hooking into Runtime Environments
Erez. Metula
Bok Engelsk 2010 · Electronic books.
| Utgitt | Burlington : : Elsevier Science, , 2010.
|
|---|---|
| Omfang | 1 online resource (337 p.)
|
| Opplysninger | Description based upon print version of record.. - Front Cover; Managed Code Rootkits; Copyright; Table of Contents; Acknowledgements; About the Author; Part I: Overview; Chapter 1. Introduction; The Problem of Rootkits and Other Types of Malware; Why Do You Need This Book?; Terminology Used in This Book; Technology Background: An Overview; Summary; Chapter 2. Managed Code Rootkits; What Can Attackers Do with Managed Code Rootkits?; Common Attack Vectors; Why Are Managed Code Rootkits Attractive to Attackers?; Summary; Endnotes; Part II: Malware Development; Chapter 3. Tools of the Trade; The Compiler; The Decompiler; The Assembler. - ReFrameworker Modules ConceptUsing the Tool; Developing New Modules; Setting Up the Tool; Summary; Chapter 8. Advanced Topics; "Object-Oriented-Aware " Malware; Thread Injection; State Manipulation; Covering the Traces As Native Code; Summary; Part III: Countermeasures; Chapter 9. Defending against MCRs; What Can We Do about This Kind of Threat ?; Awareness: Malware Is Everybody's Problem; The Prevention Approach; The Detection Approach; The Response Approach; Summary; Endnote; Part IV: Where Do We Go from Here?; Chapter 10. Other Uses of Runtime Modification. - Runtime Modification As an Alternative Problem-Solving ApproachRuntime Hardening; Summary; Index. - The DisassemblerThe Role of Debuggers; The Native Compiler; File Monitors; Summary; Chapter 4. Runtime Modification; Is It Possible to Change the Definition of a Programming Language?; Walkthrough: Attacking the Runtime Class Libraries; Summary; Chapter 5. Manipulating the Runtime; Manipulating the Runtime According to Our Needs; Reshaping the Code; Code Generation; Summary; Chapter 6. Extending the Language with a Malware API; Why Should We Extend the Language?; Extending the Runtime with a Malware API; Summary; Endnote; Chapter 7. Automated Framework Modification; What is ReFrameworker?. - Imagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack-the application level. Code reviews do not currently look for back doors in the virtual machine (VM) where this new rootkit would be injected. An invasion of this magnitude allows an attacker to steal information on the infected computer, provide false information, and disable security
|
| Emner | Computers - Access control
Virtual computer systems - Security measures Common Language Runtime (Computer science). Computer security. Vis mer... Rootkits (Computer software).
Computer Science Engineering & Applied Sciences datasikkerhet informasjonssikkerhet virtuelle datasystemer rootkits tilgangskontroll datamaskiner computere sikkerhet målinger |
| Sjanger | |
| Dewey | |
| ISBN | 9781597495745
|
