Managed code rootkits : hooking into runtime environments / Erez Metula.

O'Reilly Online Learning: Academic/Public Library Edition Available online

Format:
Book
Author/Creator:
Metula, Erez.
Language:
English
Subjects (All):
Computers--Access control.
Computers.
Virtual computer systems--Security measures.
Virtual computer systems.
Rootkits (Computer software).
Common Language Runtime.
Computer security.
Physical Description:
1 online resource (337 p.)
Edition:
1st edition
Place of Publication:
Burlington, MA : Syngress, 2010.
Language Note:
English
System Details:
text file
Summary:
Imagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack: the application level. Code reviews do not currently look for back doors in the virtual machine (VM) where this new rootkit would be injected. An invasion of this magnitude allows an attacker to steal information on the infected computer, provide false information, and disable security
Contents:
Front Cover; Managed Code Rootkits; Copyright; Table of Contents; Acknowledgements; About the Author; Part I: Overview; Chapter 1. Introduction; The Problem of Rootkits and Other Types of Malware; Why Do You Need This Book?; Terminology Used in This Book; Technology Background: An Overview; Summary; Chapter 2. Managed Code Rootkits; What Can Attackers Do with Managed Code Rootkits?; Common Attack Vectors; Why Are Managed Code Rootkits Attractive to Attackers?; Summary; Endnotes; Part II: Malware Development; Chapter 3. Tools of the Trade; The Compiler; The Decompiler; The Assembler;
The Disassembler; The Role of Debuggers; The Native Compiler; File Monitors; Summary; Chapter 4. Runtime Modification; Is It Possible to Change the Definition of a Programming Language?; Walkthrough: Attacking the Runtime Class Libraries; Summary; Chapter 5. Manipulating the Runtime; Manipulating the Runtime According to Our Needs; Reshaping the Code; Code Generation; Summary; Chapter 6. Extending the Language with a Malware API; Why Should We Extend the Language?; Extending the Runtime with a Malware API; Summary; Endnote; Chapter 7. Automated Framework Modification; What is ReFrameworker?;
ReFrameworker Modules Concept; Using the Tool; Developing New Modules; Setting Up the Tool; Summary; Chapter 8. Advanced Topics; "Object-Oriented-Aware" Malware; Thread Injection; State Manipulation; Covering the Traces As Native Code; Summary; Part III: Countermeasures; Chapter 9. Defending against MCRs; What Can We Do about This Kind of Threat?; Awareness: Malware Is Everybody's Problem; The Prevention Approach; The Detection Approach; The Response Approach; Summary; Endnote; Part IV: Where Do We Go from Here?; Chapter 10. Other Uses of Runtime Modification;
Runtime Modification As an Alternative Problem-Solving Approach; Runtime Hardening; Summary; Index
Notes:
Description based upon print version of record.
Includes bibliographical references and index.
ISBN:
1-282-88009-8
9786612880094
1-59749-575-1
OCLC:
689007482
