1. Field of the Invention
The present invention relates to the protection of computer systems. More particularly, the present invention relates to detection of malicious code, such as rootkits, on a computer system.
2. Description of Related Art
A rootkit can be generally described as a set of programs or codes that allows the rootkit itself, and typically some additional programs or codes, to maintain an undetectable presence on a computer. Current computer system attackers use a variety of rootkit implementations to hide their activities on a computer system.
For example, some rootkits hide their files and processes, erase traces of their activity, and alter information returned to a user or the computer system to conceal their presence on the computer system. Because a rootkit typically goes undetected by the user of a computer system, rootkits are typically categorized as malicious code.