Dark Reading: Finding Rootkits By Monitoring For 'Black Sheep'

/Home/Internet Security: Articles/Internet Security: Dark Reading/Dark Reading: Security Monitoring

Looking for kernel changes among flocks of computers can help organizations detect rootkits, according to team of researchers

Nov 09, 2012
By Robert Lemos and Contributing Writer

A distributed system of monitoring groups of computers using the same operating-system configuration can detect the changes wrought by rootkits following infection, a group of security researchers from the University of California at Santa Barbara reported in a recent paper.

Click the URL above to read the full article