E-mail a Wiley Online Library Link

Shawn Embleton, Sherri Sparks and Cliff C. Zou SMM rootkit: a new breed of OS independent malware Security and Communication Networks 6

Version of Record online: 9 DEC 2009 | DOI: 10.1002/sec.166

Thumbnail image of graphical abstract

This paper presents a proof-of-concept SMM rootkit, which explores the potential vulnerability of the low-level Intel processors' System Management Mode so that it cannot be detected by security software running based on the Operating System. To illustrate the capability of a stealthy SMM rootkit, we implement a chipset-level keylogger and a network backdoor capable of directly interacting with the network card to send logged keystrokes to a remote machine via UDP and receive remote command packets stealthily.

Complete the form below and we will send an e-mail message containing a link to the selected article on your behalf

Required = Required Field