DOI: 10.5120/ijca2017915038
Zaid Abdulelah Mundher. Design and Implement a Hidden Processes Detector (HPD) based on Windows Prefetch Files. International Journal of Computer Applications 171(6):37-39, August 2017.
BibTeX
@article{10.5120/ijca2017915038,
  author    = {Zaid Abdulelah Mundher},
  title     = {Design and Implement a Hidden Processes Detector (HPD) based on Windows Prefetch Files},
  journal   = {International Journal of Computer Applications},
  issue_date = {August 2017},
  volume    = {171},
  number    = {6},
  month     = {Aug},
  year      = {2017},
  issn      = {0975-8887},
  pages     = {37-39},
  numpages  = {3},
  url       = {http://www.ijcaonline.org/archives/volume171/number6/28188-2017915038},
  doi       = {10.5120/ijca2017915038},
  publisher = {Foundation of Computer Science (FCS), NY, USA},
  address   = {New York, USA}
}
Abstract
Process hiding, a technique used by malicious code to conceal its activity, is a serious threat to operating systems, and security programs therefore try to defeat it using different approaches. This paper presents a Hidden Processes Detector (HPD) program that detects hidden processes on Windows-based systems. The proposed HPD program introduces a new approach based on Windows Prefetch files. The proposed HPD program has been tested, and the results are reported in this paper.
Keywords
Hidden-process, Windows Prefetch files, Rootkit.