DYNAMIC ANTIROOTKIT FRAMEWORK: MONITORING VIRTUAL MACHINES AND DETECTION OF ROOTKITS

Rootkit is one of the primary concerns of network communication systems, which is related to the security and privacy of Internet users. The worldliness of malicious software (malware) used to breakdown the computer security has increased exponentially in the recent years. Therefore, early detection of rootkits is on top priority to avoid the unrestrained operation of malware. Most of existing techniques only allow late rootkit detection after the malware has already been hidden by a rootkit. In this paper, we put forward a dynamic framework to detect kernel rootkits and guarantee the runtime security of guest VMs. The method is explicit to a guest Virtual Machine (VM), since it does not require any specific system information. The initial strategy is a virtual machine screen based resource arrangement component, which can limit the resource usage with given execution ensure. The end results reveal that the component that is put forth can allocate resources for a rootkit distinguishing proof on request.