Abstract
The arms race between malware developers and the anti-malware community has reached a new level. Countermeasures for kernel-level [60], hypervisor-based [77], and system management mode based malware [49] have been proposed [25, 51, 107].
In God We Trust; All Others We Monitor.
Motto of the Air Force Technical Application Center,
Part of the Air Force Intelligence,
Surveillance and Reconnaissance Agency
Notes
1. These devices can act as bus masters, see Sect. 2.5.
2. See http://www.hex-rays.com/products/ida/index.shtml [accessed 25 February 2014].
3. See http://msdn.microsoft.com/en-us/windows/hardware/gg462988 [accessed 25 February 2014].
4. See http://www.wireshark.org/ [accessed 25 February 2014].
5. See http://www.emsisoft.com/en/software/mamutu/ [accessed 25 February 2014].
6. We used the Performance API, which is available at http://icl.cs.utk.edu/papi/software/index.html [accessed 25 February 2014], to work with HPC in the described experiment.
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Stewin, P. (2015). Study of a Stealthy, Direct Memory Access Based Malicious Software. In: Detecting Peripheral-based Attacks on the Host Memory. T-Labs Series in Telecommunication Services. Springer, Cham. https://doi.org/10.1007/978-3-319-13515-1_4
DOI: https://doi.org/10.1007/978-3-319-13515-1_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13514-4
Online ISBN: 978-3-319-13515-1
eBook Packages: Engineering, Engineering (R0)