Drootkit: Kernel-Level Rootkit Detection and Recovery Based on eBPF.
Xingyu Hu, Ming Huang, Youhua Xue, Lifeng Jiang, Yao Liu, Guoqi Xie
Published in: J. Circuits Syst. Comput. (2024)
Keyphrases
- automatic detection
- detection algorithm
- detection accuracy
- case study
- false alarms
- feature space
- kernel methods
- detection method
- kernel regression
- recovery algorithm
- real time
- levels of abstraction
- event detection
- false positives
- kernel function
- anomaly detection
- object detection
- high dimensional
- multiscale
- information systems
- genetic algorithm
- machine learning
- neural network