Rootkits and Their Effects on Information Security

Q4 Social Sciences
Lynn Erla Beegle
{"title":"Rootkits and Their Effects on Information Security","authors":"Lynn Erla Beegle","doi":"10.1080/10658980701402049","DOIUrl":null,"url":null,"abstract":"A rootkit is cloaked software that infiltrates an operating system or a database with the intention to escape detection, resist removal, and perform a specific operation. Many rootkits are designed to invade the “root,” or kernel, of the program, and therefore operate without announcing their presence to the owner of the computer. Although some rootkits are written with noble intentions (e.g., to strengthen an anti-virus package), true rootkits have a malicious purpose. A rootkit infection can render a compromised computer system vulnerable to attacks and corruption. Rootkits are named for their origin in Linux systems, but the number of rootkits that attack Microsoft operating systems has recently proliferated. Not only are rootkits difficult to detect and assess, but at times the only effective way to remove them is to do a clean installation of the entire operating system. Recent discoveries of rootkits in other venues prove that the problem is spreading and is a major concern for administrators in information security. This paper presents a brief history of the development of rootkits and their possible effects.Prominent cases involving rootkits are described.The paper concludes with an overview of methods to prevent rootkits and to (hopefully) eradicate one that has infected an operating system.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2007-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Systems Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/10658980701402049","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Social Sciences","Score":null,"Total":0}
引用次数: 6

Abstract

A rootkit is cloaked software that infiltrates an operating system or a database with the intention to escape detection, resist removal, and perform a specific operation. Many rootkits are designed to invade the “root,” or kernel, of the program, and therefore operate without announcing their presence to the owner of the computer. Although some rootkits are written with noble intentions (e.g., to strengthen an anti-virus package), true rootkits have a malicious purpose. A rootkit infection can render a compromised computer system vulnerable to attacks and corruption. Rootkits are named for their origin in Linux systems, but the number of rootkits that attack Microsoft operating systems has recently proliferated. Not only are rootkits difficult to detect and assess, but at times the only effective way to remove them is to do a clean installation of the entire operating system. Recent discoveries of rootkits in other venues prove that the problem is spreading and is a major concern for administrators in information security. This paper presents a brief history of the development of rootkits and their possible effects.Prominent cases involving rootkits are described.The paper concludes with an overview of methods to prevent rootkits and to (hopefully) eradicate one that has infected an operating system.
Rootkits及其对信息安全的影响
rootkit是一种隐蔽的软件,它渗透到操作系统或数据库中,目的是逃避检测,抵抗移除,并执行特定操作。许多rootkit被设计为入侵程序的“根”或内核,因此在不向计算机所有者宣布其存在的情况下运行。尽管一些rootkit是出于高尚的目的而编写的(例如,加强反病毒包),但真正的rootkit具有恶意目的。rootkit感染可以使受损的计算机系统容易受到攻击和破坏。rootkit因其在Linux系统中的起源而得名,但攻击微软操作系统的rootkit数量最近激增。rootkit不仅难以检测和评估,而且有时删除它们的唯一有效方法是重新安装整个操作系统。最近在其他场所发现的rootkit证明,这个问题正在蔓延,并且是信息安全管理员的主要关注点。本文简要介绍了rootkit的发展历史及其可能产生的影响。描述了涉及rootkit的突出案例。本文最后概述了防止rootkit的方法,并(希望)根除已感染操作系统的rootkit。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Journal of Information Systems Security
Journal of Information Systems Security Social Sciences-Safety Research
CiteScore
0.40
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信