This paper analyses the mechanism by which an LKM backdoor hides processes.
Hidden processes can be detected by searching memory for the characteristic features of process objects.
The experimental results show that the method is effective at detecting hidden processes.
The program also disguises in memory the changes it has made, and stealthily controls the hidden processes.
At this point, unless someone is actively searching for your hidden process, you should be safe from discovery.