The article considers the features of information protection on personal computers. The classification criteria are presented, and malicious programs are classified by their method of infection and the damage they cause. The main types of malware are described: spyware, Trojan programs, network and mail worms, spam downloaders, and hidden software downloads. The article considers the operating principles of malware that uses RootKit technologies, as well as keyloggers and user-tracking technologies. The focus is on RootKit technology. Varieties of RootKit technologies operating in user mode, in kernel mode, and in both kernel and user mode are considered. The features of RootKit technology in user mode and in kernel mode of the operating system are considered in detail, as are the methods of intercepting (hooking) system functions of Windows dynamic link libraries. Tables of the system functions intercepted by malware are presented.
malware, malware classification, malware varieties, malware operating principles, RootKit technology, RootKit technology varieties, user mode, operating system kernel mode