A Method for Hidden Process Detection Based on Routines of Thread Scheduling List
- Resource Type
- Conference
- Authors
- Pu, Wandong; Yu, Jiang; Chang, Jun; Liu, Yinshan
- Source
- 2010 International Conference on Internet Technology and Applications Internet Technology and Applications, 2010 International Conference on. :1-5 Aug, 2010
- Subject
- Computing and Processing
Communication, Networking and Broadcast Technologies
Information science
Reliability
Information security
Computers
Kernel
Computer applications
- Language
the hidden process detection thread-based scheduling list exist hardcode problem and some hidden processes could be skipped by some malicious programs. The article proposes a new method based on the routines of thread scheduling list, which derived through the system exporting Routine Long Instructions Disassembling (RLID) to find a Thread Scheduling List (TSL) to solve the hardcode problem as we use the thread-based scheduling list to detect hidden process, so that all hidden processes could not be skipped in the detection . The experiment shows that this method has well reliability and integrity.