• Application-level Trojan Horse Backdoor
  – A separate application runs on the system that provides backdoor access to attacker
• Traditional RootKits
  – Critical operating system executables are replaced by attacker to create backdoors and facilitate hiding
• Kernel-level RootKits
  – Operating system kernel itself is modified to allow backdoor access and to help attacker to hide