{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T06:39:04Z","timestamp":1725518344190},"publisher-location":"Boston, MA","reference-count":21,"publisher":"Springer US","isbn-type":[{"type":"print","value":"9780387849263"},{"type":"electronic","value":"9780387849270"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-0-387-84927-0_12","type":"book-chapter","created":{"date-parts":[[2008,8,28]],"date-time":"2008-08-28T17:25:29Z","timestamp":1219944329000},"page":"139-148","source":"Crossref","is-referenced-by-count":4,"title":["Timely Rootkit Detection During Live Response"],"prefix":"10.1007","author":[{"given":"Daniel","family":"Molina","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Matthew","family":"Zimmerman","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gregory","family":"Roberts","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marnita","family":"Eaddie","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gilbert","family":"Peterson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"12_CR1","unstructured":"M. Boelen, Rootkit Hunter (\n                    www.rootkit.nl\/projects\/rootkithunt er.html\n                    \n                  )."},{"key":"12_CR2","volume-title":"An Overview of Unix Rootkits, iALERT White Paper, iDefense Labs","author":"A Chuvakin","year":"2003","unstructured":"A. Chuvakin, An Overview of Unix Rootkits, iALERT White Paper, iDefense Labs, Chantilly, Virginia, 2003."},{"key":"12_CR3","unstructured":"K. Dillard, What are user-mode vs. kernel-mode rootkits? 
(search windowssecurity.techtarget.com\/originalContent\/0,289142,sid45 gc i1086469,00.html), 2005."},{"key":"12_CR4","unstructured":"J. Evers, Microsoft will wipe Sony\u2019s rootkit, CNET News.com, November 13, 2005."},{"key":"12_CR5","unstructured":"F-Secure, The Threat - Rootkits, Helsinki, Finland (\n                    www.virus.fi\/blacklight\/rootkit.shtml\n                    \n                  )."},{"key":"12_CR6","volume-title":"Implementing and Detecting a PCI Rootkit","author":"J Heasman","year":"2006","unstructured":"J. Heasman, Implementing and Detecting a PCI Rootkit, Next Generation Security Software, Sutton, United Kingdom, 2006."},{"key":"12_CR7","volume-title":"Rootkits: Subverting the Windows Kernel","author":"G Hoglund","year":"2005","unstructured":"G. Hoglund and J. Butler, Rootkits: Subverting the Windows Kernel, Addison-Wesley, Boston, Massachusetts, 2005."},{"key":"12_CR8","unstructured":"Holy Father, Hacker Defender (hxdef ), 2005."},{"key":"12_CR9","doi-asserted-by":"crossref","unstructured":"S. King, P. Chen, Y. Wang, C. Verbowski, H. Wang and J. Lorch, SubVirt: Implementing malware with virtual machines, Proceedings of the IEEE Symposium on Security and Privacy, pp. 314-327, 2006.","DOI":"10.1109\/SP.2006.38"},{"key":"12_CR10","unstructured":"J. Levine, B. Culver and H. Owen, A methodology for detecting new binary rootkit exploits, presented at the IEEE SouthEastCon Technical Conference, 2003."},{"issue":"1","key":"12_CR11","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1109\/MSP.2006.11","volume":"4","author":"J Levine","year":"2006","unstructured":"J. Levine, J. Grizzard and H. Owen, Detecting and categorizing kernel-level rootkits to aid future detection, IEEE Security & Privacy, vol. 4(1), pp. 24-32, 2006.","journal-title":"IEEE Security & Privacy"},{"key":"12_CR12","volume-title":"Incident Response and Com- puter Forensics","author":"K Mandia","year":"2003","unstructured":"K. Mandia, C. Prosise and M. 
Pepe, Incident Response and Computer Forensics, McGraw-Hill\/Osborne, Berkeley, California, 2003."},{"key":"12_CR13","volume-title":"Hacking Exposed: Network Security Secrets and Solutions","author":"S McClure","year":"2001","unstructured":"S. McClure, J. Scambray and G. Kurtz, Hacking Exposed: Network Security Secrets and Solutions, Osborne\/McGraw-Hill, Berkeley, California, 2001."},{"key":"12_CR14","unstructured":"Rootkit.com, AFX Rootkit (\n                    www.rootkit.com\n                    \n                  )."},{"key":"12_CR15","unstructured":"Rootkit.com, FU Rootkit (\n                    www.rootkit.com\n                    \n                  )."},{"key":"12_CR16","unstructured":"Rootkit.com, FUto Rootkit (\n                    www.rootkit.com\n                    \n                  )."},{"key":"12_CR17","unstructured":"Rootkit.com, Vanquish Rootkit (\n                    www.rootkit.com\n                    \n                  )."},{"key":"12_CR18","unstructured":"J. Rutkowska, Introducing Stealth Malware Taxonomy, Technical Report, COSEINC Advanced Malware Labs (invisiblethings.org\/papers\/malware-taxonomy.pdf ), 2006."},{"key":"12_CR19","unstructured":"Sourceforge.net, Back Orifice 2000 (\n                    www.bo2k.com\n                    \n                  )."},{"key":"12_CR20","unstructured":"Tech Support Alert, Rootkit Detection and Removal (\n                    www.pcsupportadvisor.com\/rootkits.htm\n                    \n                  ), 2006."},{"key":"12_CR21","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1007\/978-0-387-73742-3_6","volume-title":"Advances in Digital Forensics III","author":"A Todd","year":"2007","unstructured":"A. Todd, J. Benson, G. Peterson, T. Franz, M. Stevens and R. Raines, Analysis of tools for detecting rootkits and hidden processes, in Advances in Digital Forensics III, P. Craiger and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 
89-105, 2007."}],"container-title":["IFIP \u2014 The International Federation for Information Processing","Advances in Digital Forensics IV"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-0-387-84927-0_12.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,29]],"date-time":"2021-04-29T00:16:26Z","timestamp":1619655386000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-0-387-84927-0_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9780387849263","9780387849270"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-0-387-84927-0_12","relation":{},"ISSN":["1571-5736"],"issn-type":[{"type":"print","value":"1571-5736"}],"subject":[]}}