A survey on rootkit detection and prevention techniques.

Rootkits are a special class of software whose goal is to gain and maintain a high level of privilege inside of a computer system. A rootkit uses its elevated position to hide itself from the prying eyes of most malware detection technologies. Rootkits are able to hide so effectively because they can subvert normal operating system functions. If a user on a system infected with a rootkit attempts to view a list of running processes, then the rootkit would take control and list all running processes except the rootkit. Since this occurs on a low level, traditional malware detection suites cannot detect the subversion.Rootkits are very useful to attackers, because they can be bundled with whatever malcode payload they prefer. Rootkits have been used in adware, spyware, ransomware, and many other forms of malicious programs. Because of the great danger that rootkits pose to computer security, new methods must be devised to effectively root them out. This paper explores the mechanisms that have been used to combat the various rootkit technologies

Software Assurance for Blockchain Contracts

Blockchain technology is rapidly developing and, with proper execution, is on its way to widespread adoption in many areas outside of the technology sphere. Blockchains have many use cases and one function that can be provided is the idea of “smart contracts”. Smart contracts are applications that are stored on the blockchain that allow trustless transactions between peers. There are risks involved with utilizing these contracts because they can be developed and deployed by anyone with a working knowledge of common programming languages. This leads to issues because once these contracts are pushed to the blockchain it is impossible to change them without a hard fork. This means that vulnerable smart contracts must remain on the blockchain indefinitely, where they are open to exploitation by malicious parties. One suggestion to mitigate this issue is to have a clause that invalidates old contracts if a signed update is pushed. This solution is workable, but this project’s goal is to prevent this problem entirely by developing a testing suite that will allow smart contract developers to assure that their software is as error-free as possible before deploying it to the blockchain. This paper will analyze several popular blockchain platforms that support smart contracts, common vulnerabilities in smart contracts, and the cutting edge of smart contract assurance tools. We will be aggregating and extending this data to create the proposed testing suite