The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Rootkits vs. Stealth by Design malware…

Posted by Xavier Ashe on February 3, 2006

The presentation I gave at Black Hat Federal last week about a new generation of stealth malware, so-called Stealth by Design (SbD) malware, which doesn't use any of the classic rootkit technology tricks, but still offers full stealth, can be downloaded here:

http://invisiblethings.org/papers/rutkowska_bhfederal2006.ppt

And you can also get AVI demos here (10MB):

http://invisiblethings.org/papers/rutkowska-bhfed2006-demos.rar

The presentation also focuses on the limitations of current anti-rootkit technology and why it's not useful in fighting SbD malware. Consequently, an alternative method for compromise detection is advocated in this presentation, Explicit Compromise Detection (ECD), as well as the challenges which Independent Software Vendors encounter when trying to implement ECD for Windows systems – I call it the Memory Reading Problem (MRP).

Read the full blog post by Joanna.
