Recent rootkit-attack mitigation work neglected to address the integrity of the mitigation tool itself. Both detection and prevention arms of current rootkit-attack mitigation solutions can be given credit for the advancement of multiple methodologies for rootkit defense but if the defense system itself is compromised, how is the defense system to be trusted? Another deficiency not addressed is how platform integrity can be preserved without availability of current RIDS or RIPS solutions, which operate only upon the loading of the kernel i.e. without availability of a trusted boot environment. To address these deficiencies, we present our architecture for solving rootkit persistence – Rootkit Guard (RG). RG is a marriage between TrustedGRUB (providing trusted boot), IMA (Integrity Measurement Architecture) (serves as RIDS) and SELinux (serves as RIPS). TPM hardware is utilised to provide total integrity of our platform via storage of the aggregate of the clean snapshot of our platform OS kernel into TPM hardware registers (i.e. the PCR) – of which no software attacks have been demonstrated to date. RG solves rootkit persistence by leveraging on one vital but simple strategy: the mounting of rootkit defense via prevention of the execution of configuration binaries or build initialisation scripts. We adopted the technique of rootkit persistence prevention via thwarting the initialisation of a rootkit’s installation procedure; if the rootkit is successfully installed, proper deployment via thwarting of the rootkit’s
configuration is prevented. We had subjected the RG to 8 real world Linux 2.6 rootkits and the RG was successful in solving rootkit persistence in all 8 evaluated rootkits. In terms of performance, the RG introduced a maximum of 11% overhead and an average of 4% overhead, hence permitting deployment in production environments.
Date palm is an important domestic cash crop in most countries. Sudden Decline Syndrome (SDS) causes a huge loss to the crop both in quality and quantity. The literature reports the significance of early detection of disease towards preventive measures to improve the quality of the crop. The number of prevailing detection methods limits to consideration of a certain aspect of disease identification. This study proposes a new hybrid fuzzy fast multi-Otsu K-Means (FFMKO) algorithm integrating the date palm image enhancement, robust thresholding, and optimal clustering for significant disease identification. The algorithm adopts a multi-operator image resizing cost function based on image energy and the dominant color descriptor, the adaptive Fuzzy noise filter, and Otsu image thresholding combined with K-Means clustering enhancements. Besides, we validate the process with histogram equalization and threshold transformation towards enhanced color feature extraction of date palm images. The algorithm authenticates findings on a local dataset of 3293 date palm images and, on a benchmarked data set as well. It achieves an accuracy of 94.175% for successful detection of SDS that outperforms the existing similar algorithms. The impactful findings of this study assure the fast and authentic detection of the disease at an earlier stage to uplift the quality and quantity of the date palm and boost the agriculture-based economy.