HARDWARE-ASSISTED SYSTEM SECURITY MONITOR
Rootkits are Trojan horses installed by an intruder that mask changes that have been made in a system after attack. They replace or modify intrusion or other system status detecting applications so that they report a properly functioning system to a systems administrator, when in fact, the system has been compromised. Our solution to this requires designing a Linux based PC add on card that can monitor file access and prevent designated sectors from being written, as well as a memory scanner to catch memory resident rootkits. A GUI tool will allow an administrator to configure the device, which can only be accessed from a USB port. A valuable spin-off would be a bootable CD-ROM rootkit detection and repair tool for Windows.
Small Business Information at Submission:
Principal Investigator:Chris Lomont
Cybernet Systems Corporation
727 Airport Blvd. Ann Arbor, MI 90501
Number of Employees: