Kernel rootkit detection multi class on deep learning techniques

Suresh Kumar Srinivasan, SudalaiMuthu Thalavaipillai


The harmful code application known as a rootkit is designed to be loaded and run directly from the operating system's (OSs') Kernel. Rootkits deployed in the Kernel, called Kernel-mode rootkits, can alter the OS. The intention behind these Kernel changes is to conceal the hack. Detecting a Kernel rootkit in a target machine is found to be quite challenging. Numerous techniques can be employed to modify the Kernel of a system. Kernel rootkits also create hidden access for attacks, enabling unauthorized entry to be gained by attackers on the machine. The ultimate consequence is that essential computer data can be modified, personal information can be gathered, and hackers can observe behavior. Synthetic neural networks support artificial intelligence, a branch of deep learning that models the human brain and operates on large datasets. This study proposed the Kernel rootkit detection multi-class deep learning techniques (KRDMCDLT). Deep learning algorithms are utilized to recognize the Kernel rootkit from a batch of data by selecting essential properties for learning tracking models. Thus, by identifying the OS malware, trojan assaults can be stopped before they can access infected data. This Kernel rootkit detection was tested in a Google Cloud Platform (GCP) computing system.


Artificial intelligence; Cloud instance; Data set; Deep learning; Google Cloud Platform; Rootkit

Full Text:




  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Bulletin of EEI Stats

Bulletin of Electrical Engineering and Informatics (BEEI)
ISSN: 2089-3191, e-ISSN: 2302-9285
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).