Rootkit Hunting vs Compromise Detection

This is the presentation I gave in Washington, D.C., at the Black Hat Federal Conference in January 2006. It's about a new generation of stealth malware, so-called Stealth by Design (SbD) malware, which doesn't use any of the classic rootkit technology tricks, but still offers full stealth! The presentation also focuses on the limitations of current anti-rootkit technology and why it's not useful in fighting this new kind of SbD malware.

Consequently, the presentation advocates an alternative method for compromise detection, Explicit Compromise Detection (ECD), and discusses the challenges that Independent Software Vendors encounter when trying to implement ECD for Windows systems.

