Kernel rootkit detection multi class on deep learning techniques

Abstract

The harmful code application known as a rootkit is designed to be loaded and run directly from the operating system's (OSs') Kernel. Rootkits deployed in the Kernel, called Kernel-mode rootkits, can alter the OS. The intention behind these Kernel changes is to conceal the hack. Detecting a Kernel rootkit in a target machine is found to be quite challenging. Numerous techniques can be employed to modify the Kernel of a system. Kernel rootkits also create hidden access for attacks, enabling unauthorized entry to be gained by attackers on the machine. The ultimate consequence is that essential computer data can be modified, personal information can be gathered, and hackers can observe behavior. Synthetic neural networks support artificial intelligence, a branch of deep learning that models the human brain and operates on large datasets. This study proposed the Kernel rootkit detection multi-class deep learning techniques (KRDMCDLT). Deep learning algorithms are utilized to recognize the Kernel rootkit from a batch of data by selecting essential properties for learning tracking models. Thus, by identifying the OS malware, trojan assaults can be stopped before they can access infected data. This Kernel rootkit detection was tested in a Google Cloud Platform (GCP) computing system.