Detecting and administrating hide processes in linux system

Abstract EN

Hiding processes in Linux system is an essential part of rootkits actions and malicious program.

So, it is very important to monitor and administrate the system hidden processes to ensure the safety and reliability of the computer system.

Also, process administration can be a vital factor in determining the stability of a running system.

The aim of this research is to detect hide processes in Linux system depending on / proc system files and offer tools for monitoring these processes in addition to monitoring and administrating all other processes in the system to ensure that the required processes are running and that the total number of each type of running process is appropriate to maintain system stability.

The software offers capability for displaying processes in the system including hidden processes with full information about them.

And it offers options for killing or suspending a process, change process priority and viewing the memory map and the memory status for a given process.

The work has been run successfully on Linux operating system, Ubuntu distribution, version 10.4, and developed using C++ GUI programming with Qt 4 package and number of shell commands.