ZHAO Xiao-can, REN Ju, XU Yang, WANG Guo-jun. A Hidden Process Detection Model Based on System Management Mode[J]. Microelectronics & Computer, 2017, 34(12): 111-115.
Citation: ZHAO Xiao-can, REN Ju, XU Yang, WANG Guo-jun. A Hidden Process Detection Model Based on System Management Mode[J]. Microelectronics & Computer, 2017, 34(12): 111-115.
shu

A Hidden Process Detection Model Based on System Management Mode

    Abstract
  • In recent years, the stealth of malware is getting stronger and stronger. In this paper, a SMM-based Hidden process Detection model (SHPD) is proposed. SHPD can effectively detect the stealthy process in system while ensuring its own transparency. SHPD consists of two parts: the client and the monitor. The client, which implemented in BIOS, uses both internal and external semantic information to establish multiple views of processes in OS and sends those process views to the monitor. The monitor identifies the stealthy process by comparing the differences between the views. In the paper, we build a prototype system under the support of the SHPD theory, and conduct functional testing and analysis. The experimental results verify the feasibility of SHPD.
    • FullText(HTML)
  • loading
    • References (10)
    • Relative Articles
  • Supplements (0)

Catalog

    Turn off MathJax
    Article Contents

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return