LynuxWorks Announces the First Rootkit Detection System Powered by the LynxSecure Separation Kernel

By Caroline Rees / 18 Sep 2013

LynuxWorks™, Inc., a technology leader in the cyber threat defense market, today announced at the Gartner Security & Risk Management Summit in London the RDS5201, a new and unique product to help detect the stealthiest of advanced persistent threats (APT), the rootkit. Built on the LynxSecure 5.2 separation kernel and hypervisor (announced at the RSA 2013 Conference in February), this small-form-factor appliance has been designed to offer a unique detection capability that complements traditional security mechanisms as they try to protect against the growing number and complexity of cyber threats.

The RDS5201 Rootkit Detection System is a custom-built hardened appliance, which detects low-level, zero-day rootkits—the lethal payload of most APTs. The detection is direct (i.e., not done by statistical analysis or other indirect techniques) and is coupled with immediate, automated, live visual forensic data. The RDS5201 serves as a smart proactive sensor against APT attacks in IT networks and reduces the agonizing detection of APTs from weeks/months to seconds, and is the first and only technology capable of detecting and alerting against such threats in real-time.

“Rootkits are becoming stealthier, more potent and more complex. The threat from them is becoming more prevalent, as exploit kits are commercially available and are easier to use. Recent research is showing that seven of the top ten threats in 2012 were rootkits and that the number of boot-level rootkits increased dramatically,” said Avishai Ziv, vice president of Cyber Security Solutions at LynuxWorks. “The normal endpoint and network-protection mechanisms simply cannot prevent, or even detect, them until it is too late and hence the need for a new type of security product, such as the RDS5201, to help give early warning for these threats as they infect our enterprise networks.”

Rootkits work at the lowest levels of the operating system (OS) they intend to attack. Common detection and prevention mechanisms are part of the “attack target,” allowing rootkits to disable the installed anti-malware client applications. The only way to overcome low-level rootkits is to allow the security application to execute with a higher security privilege than the attacked OS, to give it complete control of the platform hardware, and to have it monitor all activities of the OS and its applications. It must also be self-protecting, non-bypassable and tamper-proof.

The RDS5201 is based on the LynxSecure separation kernel and hypervisor, which offers a non-detectable secure platform that is used to exercise potential infections. With the introduction of the patent-pending rootkit detection feature from the 5.2 release, these stealthy threats are revealed as they attack their virtual victim. LynxSecure is the most privileged monitor in the RDS5201 platform, and constantly monitors for malicious and irregular activity in key disk areas (MBR, key blocks and sectors), physical memory areas, CPU instructions and data structures, interrupt data structures, etc. This detection is completely OS-agnostic, as it is situated below any guest OS. Upon detection, the RDS5201 immediately alerts and sends an automated live forensics report to its dashboard. The report contains visual representations (such as the clean and infected disk sectors and in-memory data structures), allowing rapid and focused threat response. The RDS5201 can also be connected to other network protection systems such as SIEM and threat-management systems, offering an early warning mechanism that complements and enhances existing security solutions.
