• Journal of Internet Computing and Services
    ISSN 2287 - 1136 (Online) / ISSN 1598 - 0170 (Print)
    https://jics.or.kr/

A Protection Technique for Kernel Functions under the Windows Operating System


Dusung Back, Kihyun Pyun, Journal of Internet Computing and Services, Vol. 15, No. 5, pp. 133-0, Oct. 2014
10.7472/jksii.2014.15.5.133, Full Text:
Keywords: kernel function hooking, system protection

Abstract

Recently the Microsoft Windows OS(operating system) is widely used for the internet banking, games etc. The kernel functions provided by the Windows OS can perform memory accesses, keyboard input/output inspection, and graphics output of any processes. Thus, many hacking programs utilizes those for memory hacking, keyboard hacking, and making illegal automation tools for game programs. Existing protection mechanisms make decisions for existence of hacking programs by inspecting some kernel data structures and the initial parts of kernel functions. In this paper, we point out drawbacks of existing methods and propose a new solution. Our method can remedy those by modifying the system service dispatcher code. If the dispatcher code is utilized by a hacking program, existing protection methods cannot detect illegal operations. Thus, we suggest that protection methods should investigate the modification of the dispatcher code as well as kernel data structures and the initial parts of kernel functions.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from November 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[APA Style]
Back, D. & Pyun, K. (2014). A Protection Technique for Kernel Functions under the Windows Operating System. Journal of Internet Computing and Services, 15(5), 133-0. DOI: 10.7472/jksii.2014.15.5.133.

[IEEE Style]
D. Back and K. Pyun, "A Protection Technique for Kernel Functions under the Windows Operating System," Journal of Internet Computing and Services, vol. 15, no. 5, pp. 133-0, 2014. DOI: 10.7472/jksii.2014.15.5.133.

[ACM Style]
Dusung Back and Kihyun Pyun. 2014. A Protection Technique for Kernel Functions under the Windows Operating System. Journal of Internet Computing and Services, 15, 5, (2014), 133-0. DOI: 10.7472/jksii.2014.15.5.133.