MY150351A - A method for rootkit resistance based on a trusted chip - Google Patents

A method for rootkit resistance based on a trusted chip

Info

Publication number
MY150351A
MY150351A MYPI2010003209A MYPI2010003209A MY150351A MY 150351 A MY150351 A MY 150351A MY PI2010003209 A MYPI2010003209 A MY PI2010003209A MY PI2010003209 A MYPI2010003209 A MY PI2010003209A MY 150351 A MY150351 A MY 150351A
Authority
MY
Malaysia
Prior art keywords
rootkits
blocks
trusted chip
rootkit
protection against
Prior art date
Application number
MYPI2010003209A
Inventor
Abdulrahman Ahmad Abdu Muthana
Jamalul-Lail Abd Manan
Solahuddin Bin Shamsuddin
Mohd Faizal Bin Mubarak
Zaid Ahmad
Azimah Abdul Kadir
Original Assignee
Mimos Berhad
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad filed Critical Mimos Berhad
Priority to MYPI2010003209A priority Critical patent/MY150351A/en
Priority to PCT/MY2010/000229 priority patent/WO2012005565A1/en
Publication of MY150351A publication Critical patent/MY150351A/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • G06F21/805Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors using a security table for the storage sub-system
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2121Chip on media, e.g. a disk or tape with a chip embedded in its case

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

THE METHOD AND SYSTEM ARE DISCLOSED FOR DISK PROTECTION AGAINST PERSISTENT ROOTKITS. THE METHOD INCLUDES DISK PROTECTION AGAINST PERSISTENT ROOTKITS (ROOTKITS THAT ATTEMPT TO MODIFY THE SYSTEM IMAGE) BASED ON TRUSTED CHIP (34). FURTHER, THE METHOD PROVIDES A REAL-TIME PROTECTION TO PREVENT ROOTKIT FROM BEING WRITTEN TO SYSTEM IMAGE. THE PRESENT METHOD IS FOR DISK PROTECTION AGAINST PERSISTENT ROOTKITS (ROOTKITS THAT ATTEMPT TO MODIFY THE SYSTEM IMAGE) BASED ON THE TRUSTED CHIP (34). THE METHOD LABELS ALL BLOCKS IN THE DISK WHERE THE SYSTEM FILES ARE LABELED AS SYSTEM AREA BLOCKS AND THE REMAINING BLOCKS AS USER AREA BLOCKS. THE LABELED BLOCKS ARE STORED IN A TABLE PROTECTED BY THE TRUSTED CHIP INTEGRATED ON THE HOST MACHINE. DURING THE NORMAL PROCESS, ALL WRITE OPERATIONS TO SYSTEM AREA ARE VERIFIED BEFORE WRITING IS MADE TO THE SYSTEM AREA BLOCKS. THE MOST ILLUSTRATIVE DRAWING:
MYPI2010003209A 2010-07-06 2010-07-06 A method for rootkit resistance based on a trusted chip MY150351A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
MYPI2010003209A MY150351A (en) 2010-07-06 2010-07-06 A method for rootkit resistance based on a trusted chip
PCT/MY2010/000229 WO2012005565A1 (en) 2010-07-06 2010-10-28 A method for rootkit resistance based on a trusted chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
MYPI2010003209A MY150351A (en) 2010-07-06 2010-07-06 A method for rootkit resistance based on a trusted chip

Publications (1)

Publication Number Publication Date
MY150351A true MY150351A (en) 2013-12-31

Family

ID=45441388

Family Applications (1)

Application Number Title Priority Date Filing Date
MYPI2010003209A MY150351A (en) 2010-07-06 2010-07-06 A method for rootkit resistance based on a trusted chip

Country Status (2)

Country Link
MY (1) MY150351A (en)
WO (1) WO2012005565A1 (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE60120117D1 (en) * 2000-02-15 2006-07-06 Silverbrook Res Pty Ltd DEVICE AND PROTOCOL FOR AUTHENTICATING A CONSUMER OBJECT
US6948165B1 (en) * 2001-02-28 2005-09-20 Western Digital Ventures, Inc. Method for installing an application program, to be executed during each bootload of a computer system for presenting a user with content options prior to conventional system startup presentation, without requiring a user's participation to install the program
KR100762973B1 (en) * 2007-02-07 2007-10-02 (주)노애드 Recording medium recording method of computer malware detection and removal, its device and program code to execute the method on computer
US8250350B2 (en) * 2008-08-26 2012-08-21 Texas Digital And Multimedia Systems Computer system with non-volatile write-protected memory based operating system and secure system architecture

Also Published As

Publication number Publication date
WO2012005565A1 (en) 2012-01-12

Similar Documents

Publication Publication Date Title
MX2011013584A (en) Method and apparatus for modifying the presentation of content.
WO2010065271A3 (en) Systems and methods for providing continuous file protection at block level
GB2498129A (en) On demand virtual machine image streaming
WO2007109685A3 (en) High efficiency portable archive
WO2010127030A3 (en) Selectively securing data and/or erasing secure data caches responsive to security compromising conditions
WO2007117423A3 (en) Method and apparatus for representing multidimensional data
WO2006012197A3 (en) Method of improving computer security through sandboxing
WO2012006015A3 (en) Protecting video content using virtualization
MY154086A (en) Data processing apparatus and method
MY170629A (en) Improvements in resisting the spread of unwanted code and data
GB201215241D0 (en) Protecting application programs from malicious software or malware
WO2010004243A3 (en) Interrupt processing
WO2011097064A3 (en) Background migration of virtual storage
SG190955A1 (en) Transaction log recovery
TW200729882A (en) Method and apparatus for generating a license
WO2009117714A3 (en) File access via conduit application
WO2011005434A3 (en) Serial copy management system (scms)
TW200625101A (en) Backup/restore system and method thereof
BRPI0406525A (en) content writing techniques
AU2011355202B2 (en) Device and method for protecting a security module from manipulation attempts in a field device
TW200745853A (en) Method and system for automatically distributing real memory between virtual memory page sizes
WO2012012142A3 (en) Data access during data recovery
EP2573689A4 (en) Method and device for implementing redundant array of independent disk protection in file system
BR112014004047A2 (en) behavior history management system and behavior history management method
WO2007021868A3 (en) Presentation of media segments