• Title/Summary/Keyword: Stealthing Techniques

Search Result 1, Processing Time 0.014 seconds

Analysing and Neutralizing the Stuxnet's Stealthing Techniques (Stuxnet의 파일 은닉 기법 분석 및 무력화 방법 연구)

  • Lee, Kyung-Roul;Yim, Kang-Bin
    • Journal of Advanced Navigation Technology
    • /
    • v.14 no.6
    • /
    • pp.838-844
    • /
    • 2010

  • This paper introduces Stuxnet, a malicious ware that presently stimulates severity of the cyber warfare worldwide, analyses how it propagates and what it affects if infected and proposes a process to cure infected systems according to its organization. Malicious wares such as Stuxnet secretes themselves within the system during propagation and it is required to analyze file hiding techniques they use to detect and remove them. According to the result of the analysis in this paper, Stuxnet uses the library hooking technique and the file system filter driver technique on both user level and kernel level, respectively, to hide its files. Therefore, this paper shows the results of the Stuxnet's file hiding approach and proposes an idea for countermeasure to neutralize it. A pilot implementation of the idea afterward shows that the stealthing techniques of Stuxnet are removed by the implementation.

  • PDF KSCI