Student Projects

PROJECT

chameleon

FACTS

Subject area

Malware Analysis

Period

Summer semester 2007

Status

finished

FH students

Markus Auer, Herwig Köck, Lukas Nothdurfter, Lukas Reiter

FH supervisor

DI Eckehard Hermann

Short description

The purpose of the project is to gain knowledge about the functionality of rootkits. Furthermore, the members of the project team are going to find a way to recognize rootkits installed on a system using host-based intrusion prevention systems and host intrusion detection systems.

DETAILS

Initial situation / Motivation / Introduction

Since the affair over Sony BMG's copy protection, which installs a special rootkit on computers, if not before, more and more people have become aware of the danger that comes with rootkits. But Sony is not the only one using rootkits to hide malware activities; this kind of malware is becoming extremely widespread. This, together with personal interest, led to the project.

Project goal

The goals of the project chameleon were:

* Obtaining a fundamental understanding of how rootkits work
* Developing some kernel rootkit functions and thereby
* Gaining knowledge about secure detection and prevention of rootkits.

Implementation

During the first part, a rootkit for Windows XP was developed to gain advanced knowledge of the operating system and its security holes. After that, an analysis took place in which different anti-malware tools were tested. The results were recorded in the technical and project documentation.