Language Selection

English French German Italian Portuguese Spanish

HookSafe Protects Kernel from Rootkits

Filed under
Linux
Security

The four researchers into the rootkit protector created and implemented a special virtualized system that defends against persistent rootkits that tamper with kernel execution. The system assembles specific function calls and messages, mirrors them in a "shadow interrupt stack" in a central location and protects them from hardware write access. To test their product, called HookSafe, the team let loose a few real rootkits and also measured the system load on the host system. The result showed just a 6% system slowdown, but with a highly effective implementation of the protection.

The team found successful defense against, for example, the Adore-ng and Phalanx rootkits. Xuxian Jiang, one of the four team members, told Linux Pro Magazine that the HookSafe source code will probably be made public sometime in the future.

Rest Here




More in Tux Machines

PuppEX Linux Live CD Now Based on Puppy Xenial, Compatible with Ubuntu 16.04 LTS

Arne Exton informs us about the availability of a new stable build of its Puppy-derived PuppEX Linux Live CD distribution, version 160822, which is now using the latest kernel and software applications. Read more

KDevelop 5.0 Open-Source IDE Officially Released with New C/C++ Language Support

After being in development for the past two years, the open-source KDevelop IDE (Integrated Development Environment) software has finally reached the 5.0 milestone. Read more

Open source drone controller has an FPGA-enhanced brain

Aerotenna has launched an open source, $499 “OcPoc” drone flight controller that runs Linux on an Altera Cyclone V ARM/FPGA SoC. Lawrence, Kansas based Aerotenna, which bills itself as “the leading provider of innovative microwave sensors and flight control systems,” describes OcPoC (Octagonal Pilot on Chip) as a ready-to-fly, open source flight control platform. The system integrates an IMU, barometer, GPS, and a CSI-camera interface. Read more

Linux Kernel 3.16.37 LTS Is a Massive Update with Tons of Networking Changes

Immediately after announcing the release of Linux kernel 3.2.82 LTS, maintainer Ben Hutchings proudly informed the community about the availability of the thirty-seventh maintenance update to the Linux 3.16 LTS kernel series. Read more