| DC Field | Value | Language |
| --- | --- | --- |
| dc.contributor.advisor | Kastner, Wolfgang | - |
| dc.contributor.author | Grill, Bernhard | - |
| dc.date.accessioned | 2020-06-30T02:08:46Z | - |
| dc.date.issued | 2016 | - |
| dc.date.submitted | 2017-07 | - |
| dc.identifier.uri | https://resolver.obvsg.at/urn:nbn:at:at-ubtuw:1-101009 | - |
| dc.identifier.uri | http://hdl.handle.net/20.500.12708/9823 | - |
| dc.description | Abstract in German | - |
| dc.description.abstract | Bootkits (short for boot + rootkit) are one of the most advanced, powerful and persistent threats exploited in sophisticated malware attacks. In order to investigate this attack vector in greater detail, we performed a large-scale bootkit malware analysis utilizing Windows XP and Windows 7. The data set consists of samples spanning a time period over 8 years to gain detailed insights into the bootkit malware economy. Grounded on the analysis results of 26,378 malware samples, novel techniques to detect and stop bootkit attacks have been developed. The proposed detection techniques are based on anomaly identification utilizing dynamic analysis during the system's boot phase. Furthermore, two novel techniques to prevent bootkit infections have been developed. The first one is grounded on strictly blocking the malware's initial persistence and infection vector, while the second approach relies on emulation and monitoring the impact of disk modifications targeting the system's boot process. Furthermore, this work showcases the historic evolution of bootkit techniques starting in 2006 and presents an outlook on their potential future evolution. | en |
| dc.format | x, 82 pages | - |
| dc.language | English | - |
| dc.language.iso | en | - |
| dc.subject | Bootkit | en |
| dc.subject | malware | en |
| dc.subject | infection | en |
| dc.title | Bootkits revisited : detecting, analysing and mitigating bootkit threats | en |
| dc.type | Thesis | en |
| dc.type | Hochschulschrift | de |
| dc.publisher.place | Wien | - |
| tuw.thesisinformation | Technische Universität Wien | - |
| dc.contributor.assistant | Platzer, Christian | - |
| tuw.publication.orgunit | E183 - Institut für Rechnergestützte Automation | - |
| dc.type.qualificationlevel | Diploma | - |
| dc.identifier.libraryid | AC13751932 | - |
| dc.description.numberOfPages | 82 | - |
| dc.identifier.urn | urn:nbn:at:at-ubtuw:1-101009 | - |
| dc.thesistype | Diplomarbeit | de |
| dc.thesistype | Diploma Thesis | en |
| item.openairetype | Thesis | - |
| item.openairetype | Hochschulschrift | - |
| item.openaccessfulltext | Open Access | - |
| item.languageiso639-1 | en | - |
| item.openairecristype | http://purl.org/coar/resource_type/c_18cf | - |
| item.openairecristype | http://purl.org/coar/resource_type/c_18cf | - |
| item.grantfulltext | open | - |
| item.fulltext | with Fulltext | - |
| item.cerifentitytype | Publications | - |
| item.cerifentitytype | Publications | - |

Appears in Collections: Thesis

Items in reposiTUm are protected by copyright, with all rights reserved, unless otherwise indicated.