Debug register rootkits : A study of malicious use of the IA-32 debug registers

Bachelor thesis English OPEN
Persson, Emil; Mattsson, Joel;
  • Publisher: Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation
  • Subject: IA-32 | Programvaruteknik | Debug register | Computer Sciences | rootkit | Linux | Datavetenskap (datalogi) | memory forging | Software Engineering
    acm: Software_OPERATINGSYSTEMS

The debug register rootkit is a special type of rootkit that has existed for over a decade, and is told to be undetectable by any scanning tools. It exploits the debug registers in Intel’s IA-32 processor architecture. This paper investigates the debug register rootkit ... View more
Share - Bookmark