Discussion 8 (12)

First, read the paper titled ” Defeating Dynamic Data KernelRootkit Attacks via VMM-based Guest-Transparent Monitoring”.

Questions:

Is the type of Kernel Rookit discussed in the paper also covered by Chapter 8?

If yes, where is it mentioned in the chapter, and is there any difference between them?

If no, should the type of Kernel Rookit discussed in the paper be considered a new type of rootkit? why?

1 page