Buffer Overflow & Rootkits Assignment Example | Topics and Well Written Essays - 250 words

Buffer Overflow & Rootkits - Assignment Example Another reason is the failure of individuals to update their existing protections that render them non-functional. Someone can design a program that can detect a rootkit. A rootkit describes stealthy software that makes it hard to detect the existence of certain programs in a computer. Therefore, to detect one, someone needs to use an alternative and trusted operating system. Designing programs constituting such operating systems would make it possible to detect rootkits. Other ways include signature scanning, difference scanning, behavioural-based methods and memory dump analysis. The behavioural-based approach depends on the fact that rootkits behave in a way different from other programmes (Pleeger, 2012). In signature scanning, an antivirus will detect any stealthy measures that a rootkit might adopt to unload itself or prevent its detection. The difference-based scanning method compares trusted original data from the computer with defective data returning from the API (Application programming interface), a programme building tool. Memory dumping involves dumping of virtual memory, which can then be forensically analysed to capture an active rootkit with a tool called a debugger. It prevents the rootkit from taking any measures to hide itself. However, the overall detection of a rootkit depends on its