Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
23
result(s) for
"Rootkits (Computer software)"
Sort by:
Enhancing Cyber-Resilience for Small and Medium-Sized Organizations with Prescriptive Malware Analysis, Detection and Response
In this study, the methodology of cyber-resilience in small and medium-sized organizations (SMEs) is investigated, and a comprehensive solution utilizing prescriptive malware analysis, detection and response using open-source solutions is proposed for detecting new emerging threats. By leveraging open-source solutions and software, a system specifically designed for SMEs with up to 250 employees is developed, focusing on the detection of new threats. Through extensive testing and validation, as well as efficient algorithms and techniques for anomaly detection, safety, and security, the effectiveness of the approach in enhancing SMEs’ cyber-defense capabilities and bolstering their overall cyber-resilience is demonstrated. The findings highlight the practicality and scalability of utilizing open-source resources to address the unique cybersecurity challenges faced by SMEs. The proposed system combines advanced malware analysis techniques with real-time threat intelligence feeds to identify and analyze malicious activities within SME networks. By employing machine-learning algorithms and behavior-based analysis, the system can effectively detect and classify sophisticated malware strains, including those previously unseen. To evaluate the system’s effectiveness, extensive testing and validation were conducted using real-world datasets and scenarios. The results demonstrate significant improvements in malware detection rates, with the system successfully identifying emerging threats that traditional security measures often miss. The proposed system represents a practical and scalable solution using containerized applications that can be readily deployed by SMEs seeking to enhance their cyber-defense capabilities.
Journal Article
An emerging threat Fileless malware: a survey and research challenges
With the evolution of cybersecurity countermeasures, the threat landscape has also evolved, especially in malware from traditional file-based malware to sophisticated and multifarious fileless malware. Fileless malware does not use traditional executables to carry-out its activities. So, it does not use the file system, thereby evading signature-based detection system. The fileless malware attack is catastrophic for any enterprise because of its persistence, and power to evade any anti-virus solutions. The malware leverages the power of operating systems, trusted tools to accomplish its malicious intent. To analyze such malware, security professionals use forensic tools to trace the attacker, whereas the attacker might use anti-forensics tools to erase their traces. This survey makes a comprehensive analysis of fileless malware and their detection techniques that are available in the literature. We present a process model to handle fileless malware attacks in the incident response process. In the end, the specific research gaps present in the proposed process model are identified, and associated challenges are highlighted.
Journal Article
XDA's Android Hacker's Toolkit: The Complete Guide to Rooting, ROMs and Theming
Make your Android device truly your own Are you eager to make your Android device your own but you're not sure where to start? Then this is the book for you. XDA is the world's most popular resource for Android hacking enthusiasts, and a huge community has grown around customizing Android devices with XDA. XDA's Android Hacker's Toolkit gives you the tools you need to customize your devices by hacking or rooting the android operating system. Providing a solid understanding of the internal workings of the Android operating system, this book walks you through the terminology and functions of the android operating system from the major nodes of the file system to basic OS operations. As you learn the fundamentals of Android hacking that can be used regardless of any new releases, you'll discover exciting ways to take complete control over your device. Teaches theory, preparation and practice, and understanding of the OS Explains the distinction between ROMing and theming Provides step-by-step instructions for Droid, Xoom, Galaxy Tab, LG Optimus, and more Identifies the right tools for various jobs Contains new models enabling you to root and customize your phone Offers incomparable information that has been tried and tested by the amazing XDA community of hackers, gadgeteers, and technicians XDA's Android Hacker's Toolkit is a simple, one-stop resource on hacking techniques for beginners.
eBook
Designing BSD rootkits
Though rootkits have a fairly negative image, they can be used for both good and evil. Designing BSD Rootkits arms you with the knowledge you need to write offensive rootkits, to defend against malicious ones, and to explore the FreeBSD kernel and operating system in the process. Organized as a tutorial, Designing BSD Rootkits will teach you the fundamentals of programming and developing rootkits under the FreeBSD operating system. Author Joseph Kong's goal is to make you smarter, not to teach you how to write exploits or launch attacks. You'll learn how to maintain root access long after gaining access to a computer and how to hack FreeBSD. Kongs liberal use of examples assumes no prior kernel-hacking experience but doesn't water down the information. All code is thoroughly described and analyzed, and each chapter contains at least one real-world application. Included: The fundamentals of FreeBSD kernel module programming Using call hooking to subvert the FreeBSD kernel Directly m
eBook
Detecting Kernel-Level Rootkits Using Data Structure Invariants
Rootkits affect system security by modifying kernel data structures to achieve a variety of malicious goals. While early rootkits modified control data structures, such as the system call table and values of function pointers, recent work has demonstrated rootkits that maliciously modify noncontrol data. Most prior techniques for rootkit detection have focused solely on detecting control data modifications and, therefore, fail to detect such rootkits. This paper presents a novel technique to detect rootkits that modify both control and noncontrol data. The main idea is to externally observe the execution of the kernel during an inference phase and hypothesize invariants on kernel data structures. A rootkit detection phase uses these invariants as specifications of data structure integrity. During this phase, violation of invariants indicates an infection. We have implemented Gibraltar, a prototype tool that infers kernel data structure invariants and uses them to detect rootkits. Experiments show that Gibraltar can effectively detect previously known rootkits, including those that modify noncontrol data structures.
Journal Article
Profiling with trust: system monitoring from trusted execution environments
Large-scale attacks on IoT and edge computing devices pose a significant threat. As a prominent example, Mirai is an IoT botnet with 600,000 infected devices around the globe, capable of conducting effective and targeted DDoS attacks on (critical) infrastructure. Driven by the substantial impacts of attacks, manufacturers and system integrators propose Trusted Execution Environments (TEEs) that have gained significant importance recently. TEEs offer an execution environment to run small portions of code isolated from the rest of the system, even if the operating system is compromised. In this publication, we examine TEEs in the context of system monitoring and introduce the Trusted Monitor (TM), a novel anomaly detection system that runs within a TEE. The TM continuously profiles the system using hardware performance counters and utilizes an application-specific machine-learning model for anomaly detection. In our evaluation, we demonstrate that the TM accurately classifies 86% of 183 tested workloads, with an overhead of less than 2%. Notably, we show that a real-world kernel-level rootkit has observable effects on performance counters, allowing the TM to detect it. Major parts of the TM are implemented in the Rust programming language, eliminating common security-critical programming errors.
Journal Article
Practical reverse engineering
Analyzing how hacks are done, so as to stop them in the future
Reverse engineering is the process of analyzing hardware or software and understanding it, without having access to the source code or design documents. Hackers are able to reverse engineer systems and exploit what they find with scary results. Now the good guys can use the same tools to thwart these threats. Practical Reverse Engineering goes under the hood of reverse engineering for security analysts, security engineers, and system programmers, so they can learn how to use these same processes to stop hackers in their tracks.
The book covers x86, x64, and ARM (the first book to cover all three); Windows kernel-mode code rootkits and drivers; virtual machine protection techniques; and much more. Best of all, it offers a systematic approach to the material, with plenty of hands-on exercises and real-world examples.
* Offers a systematic approach to understanding reverse engineering, with hands-on exercises and real-world examples
* Covers x86, x64, and advanced RISC machine (ARM) architectures as well as deobfuscation and virtual machine protection techniques
* Provides special coverage of Windows kernel-mode code (rootkits/drivers), a topic not often covered elsewhere, and explains how to analyze drivers step by step
* Demystifies topics that have a steep learning curve
* Includes a bonus chapter on reverse engineering tools
Practical Reverse Engineering: Using x86, x64, ARM, Windows Kernel, and Reversing Tools provides crucial, up-to-date guidance for a broad range of IT professionals.
eBook
XDA Developers' Android Hacker's Toolkit
Make your Android device truly your own
Are you eager to make your Android device your own but you're not sure where to start? Then this is the book for you. XDA is the world's most popular resource for Android hacking enthusiasts, and a huge community has grown around customizing Android devices with XDA. XDA's Android Hacker's Toolkit gives you the tools you need to customize your devices by hacking or rooting the android operating system.
Providing a solid understanding of the internal workings of the Android operating system, this book walks you through the terminology and functions of the android operating system from the major nodes of the file system to basic OS operations. As you learn the fundamentals of Android hacking that can be used regardless of any new releases, you'll discover exciting ways to take complete control over your device.
* Teaches theory, preparation and practice, and understanding of the OS
* Explains the distinction between ROMing and theming
* Provides step-by-step instructions for Droid, Xoom, Galaxy Tab, LG Optimus, and more
* Identifies the right tools for various jobs
* Contains new models enabling you to root and customize your phone
* Offers incomparable information that has been tried and tested by the amazing XDA community of hackers, gadgeteers, and technicians
XDA's Android Hacker's Toolkit is a simple, one-stop resource on hacking techniques for beginners.
eBook
Evolution of Malware Threats and Techniques: A Review
The rapid development of technology, and its usage, in our everyday lives caused us to depend on many of the aspects it offers. The evolution of the Internet in recent decades has changed human life drastically as accessing knowledge, communication, and social interaction, became readily available. Nowadays, we have become dependent on our PCs and smart devices in accomplishing everyday tasks. People are using these devices to store valuable information. This information became the target of cybercriminals who are constantly creating new ways to gain unauthorized access to it. In the past few decades, cybercrime and the construction of malicious software (malware), have seen a significant rise. In this research, we present a literature review of the historical evolution of malware. We describe the common characteristics and propagation methods for the types of malware in each phase of its evolution. Furthermore, we illustrate the purpose of its creation and the damages it has caused. The purpose of this study is to provide researchers with background about malware and its evolution leading up to present day threats.
Journal Article