摘要
目前木马程序设计者趋于利用rootkit技术来隐藏他们的进程,从而达到自己的目的。针对这种隐藏技术论文提出了一种通过搜索系统中记录进程信息的关键系统块来获得进程信息的方法。
Today the program designers of Trojan Horse tend to use the Rootkit technique to hide their progress so as to obtain their aim. In this article a method has been proposed, which would obtain the process information by searching key system modules that record process information.
出处
《信息安全与通信保密》
2007年第12期70-71,共2页
Information Security and Communications Privacy
关键词
进程
隐藏
句柄表
对象
检测
process
hide
handle table
object
detection
