SlideShare a Scribd company logo
1 of 52
Download to read offline
Outline
● What is the Cloud?
● Looking at HW based security
● Virtual Machine Introspection
● LibVMI
● Demos
● What’s next?
What is the Cloud?
Big Tech Technician End user
Management Developers Researcher
Cloud Security
● Mainly an issue for the cloud providers
● They need to monitor their virtual hardware
● And for enterprise cloud applications
● They need to monitor their database and webapp
● An end user can only change his password
● He has no access to the underlying hardware/software
Cloud Security
● Co-resident/breakout attacks
● Possible
● Network based attacks
● Probable
● Attackers will go after the low-hanging fruit
● We need to leverage Cloud defense mechanisms
Why should you care?
● The technology powering the Cloud is also
available on end-user systems
● on your phone, PC, tablets..
● Defense mechanisms that work for the
Cloud will work for you!
Non-comprehensive
History of HW Security
..in 5 minutes
Before 1982
Real Mode
1982: Protected mode
Ring2
Ring1
Ring3
Ring0
1982: Protected mode
Ring2
Ring1
Ring3
Ring0
Application
Operating System
Unused
1982: Protected mode
Ring2
Ring1
Ring3
Ring0
Application
Operating System
UnusedMore
privilege
Ring3Ring3
1982: Protected mode
Ring2
Ring1
Ring3
Ring0
Applications
Operating System
Unused
Ring3Ring3
Ring3Ring3
2003: Xen
Ring2
Ring3
Ring0
Applications
Xen
Unused
Operating SystemsRing1
Ring3Ring3
2003: x86-64
Ring2
Ring1
Ring3
Ring0
Applications
Operating System
Disabled
Ring3Ring3
2003: Xen on x86-64
Ring2
Ring1
Ring3
Ring0
OS/Applications
Xen
Disabled
2006: VT-x & AMD-V
Ring2
Ring1
Ring3
Ring0
App
Operating System
Disabled/Unused
Ring-1 Hypervisor
2006: VT-x & AMD-V
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
VMX root
OS/Hypervisor
VMX non-root
Virtual Machine
More privilege
2006: VT-x & AMD-V
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
VMX root
OS/Hypervisor
VMX non-root
Virtual Machines
Psst.. I’m here too (since ‘93)!
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
VMX root
OS/Hypervisor
VMX non-root
Virtual Machines
Ring-2
System
Management Mode
Psst.. I’m here too (since ‘93)!
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
VMX root
OS/Hypervisor
VMX non-root
Virtual Machines
System
Management Mode
Ring2
Ring1
Ring3
Ring0
2006?: Intel Dual-monitor SMM
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Secure Transfer
Monitor (STM)
2008: Intel Management Engine
Ring-3
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Intel ME
2008: Intel Management Engine
User Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Kernel
ARC 600(?)
2008: Intel Management Engine
User
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
ARC 600(?)
2013: Nested virtualization!
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Nested
Hypervisor
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
201x: Intel SGX
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring0
SGX
Ring3
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
201x: Intel SGX
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring0
SGX
Ring3
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring0
SGX
Ring3
SGX
Ring3
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
Oh yea, we have these too..
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring0
SGX
Ring3
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring0
SGX
Ring3
SGX
Ring3
User
Supervisor
User
Supervisor
User
Supervisor
ARM CPUs in your
harddrive, NIC, etc.
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
User
Kernel
The Cloud in 2015
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
Ring2
Ring1
Ring3
Ring0
VMX root
OS/Hypervisor
VMX non-root
Virtual Machines
Securing Virtual Machines
● Security based on the Hypervisor
● Move security stack outside of the OS!
● Monitor
o VM Memory
o Virtual Hardware state
Virtual Machine
Introspection
What is VMI
● View and control virtual machine from an
external perspective
● Including
o Network
o Disk
o Memory
o vCPU
VMI - The 3 aspects
1. Isolation
2. Interpretation
3. Interposition
Isolation
● Move security component outside of the
guest operating system
● Hypervisor exposes a smaller attack surface
● Increasingly harder to tamper with or disable
security system
Interposition
● Step into the execution of the machine
● Prevent attacks from modifying the system
(repair hooks, privileges, etc.)
● Needs to be fast, reliable, and stealthy
● Based directly on hardware events
VMI - The 3 aspects
1. Isolation → Hypervisor
2. Interpretation → LibVMI / Volatility
3. Interposition → Intel
LibVMI
Use cases
● System-level debugging
● Timeline or trend analysis
● Runtime security
● OS Integrity
● Malware analysis
● Forensics
Core features
● Read and write VM memory
● Virtual Memory Translation (Paging)
o Using various methods (DTB, PID, Kernel Symbol)
● Find and map guest OS data structures
● Place monitoring event-hooks into the guest
o Exceptions, Page Faults
Events on Xen with Intel CPUs
● Intel Extended Page Tables (EPT)
● Register write events ([X]CR0/3/4, MSRs)
● Software breakpoint interrupts (INT3)
● Single-stepping (MTF)
What’s next with LibVMI?
Future directions
● More guest OS support:
o Android, BSD, etc.
● More (and better) hypervisor support:
o KVM events, VirtualBox, Hyper-V, ESXi, etc.
● More events support on more platforms:
o AMD, ARM, Intel
What’s next in the Cloud?
Future directions in the Cloud
● Software developed with Cloud in mind
● Scalable Applications and Separation of
Tasks
● Enable VMI in the cloud
o The Software and Hardware is already available
o Cloud Providers do not provide access
Thanks!
Tamas K Lengyel
tamas@tklengyel.com
tlengyel@novetta.com
@tklengyel
Thomas Kittel
kittel@sec.in.tum.de
LibVMI http://libvmi.com
DRAKVUF http://drakvuf.com

More Related Content

What's hot

Virtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the CloudVirtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the CloudTjylen Veselyj
 
Pitfalls of virtual machine introspection on modern hardware
Pitfalls of virtual machine introspection on modern hardwarePitfalls of virtual machine introspection on modern hardware
Pitfalls of virtual machine introspection on modern hardwareTamas K Lengyel
 
BSides Denver: Stealthy, hypervisor-based malware analysis
BSides Denver: Stealthy, hypervisor-based malware analysisBSides Denver: Stealthy, hypervisor-based malware analysis
BSides Denver: Stealthy, hypervisor-based malware analysisTamas K Lengyel
 
Virtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureVirtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureTamas K Lengyel
 
Virtual Machine Introspection with Xen
Virtual Machine Introspection with XenVirtual Machine Introspection with Xen
Virtual Machine Introspection with XenTamas K Lengyel
 
Hacktivity 2016: Stealthy, hypervisor based malware analysis
Hacktivity 2016: Stealthy, hypervisor based malware analysisHacktivity 2016: Stealthy, hypervisor based malware analysis
Hacktivity 2016: Stealthy, hypervisor based malware analysisTamas K Lengyel
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenTamas K Lengyel
 
CyberSEED: Virtual Machine Introspection to Detect and Protect
CyberSEED: Virtual Machine Introspection to Detect and ProtectCyberSEED: Virtual Machine Introspection to Detect and Protect
CyberSEED: Virtual Machine Introspection to Detect and ProtectTamas K Lengyel
 
VM Forking and Hypervisor-based Fuzzing with Xen
VM Forking and Hypervisor-based Fuzzing with XenVM Forking and Hypervisor-based Fuzzing with Xen
VM Forking and Hypervisor-based Fuzzing with XenTamas K Lengyel
 
Применение виртуализации для динамического анализа
Применение виртуализации для динамического анализаПрименение виртуализации для динамического анализа
Применение виртуализации для динамического анализаPositive Hack Days
 
VM Forking and Hypervisor-based fuzzing
VM Forking and Hypervisor-based fuzzingVM Forking and Hypervisor-based fuzzing
VM Forking and Hypervisor-based fuzzingTamas K Lengyel
 
Масштабируемый и эффективный фаззинг Google Chrome
Масштабируемый и эффективный фаззинг Google ChromeМасштабируемый и эффективный фаззинг Google Chrome
Масштабируемый и эффективный фаззинг Google ChromePositive Hack Days
 
Solnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecSolnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecPacSecJP
 
Practical Windows Kernel Exploitation
Practical Windows Kernel ExploitationPractical Windows Kernel Exploitation
Practical Windows Kernel ExploitationzeroSteiner
 
Yunusov babin 7 sins pres atm v2
Yunusov babin 7 sins pres atm v2Yunusov babin 7 sins pres atm v2
Yunusov babin 7 sins pres atm v2PacSecJP
 
A Stuxnet for Mainframes
A Stuxnet for MainframesA Stuxnet for Mainframes
A Stuxnet for MainframesCheryl Biswas
 
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)Shota Shinogi
 
Is That A Penguin In My Windows?
Is That A Penguin In My Windows?Is That A Penguin In My Windows?
Is That A Penguin In My Windows?zeroSteiner
 
BlueHat v17 || Don't Let Your Virtualization Fabric Become the Attack Vector
BlueHat v17 || Don't Let Your Virtualization Fabric Become the Attack Vector BlueHat v17 || Don't Let Your Virtualization Fabric Become the Attack Vector
BlueHat v17 || Don't Let Your Virtualization Fabric Become the Attack Vector BlueHat Security Conference
 

What's hot (20)

Virtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the CloudVirtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the Cloud
 
Pitfalls of virtual machine introspection on modern hardware
Pitfalls of virtual machine introspection on modern hardwarePitfalls of virtual machine introspection on modern hardware
Pitfalls of virtual machine introspection on modern hardware
 
BSides Denver: Stealthy, hypervisor-based malware analysis
BSides Denver: Stealthy, hypervisor-based malware analysisBSides Denver: Stealthy, hypervisor-based malware analysis
BSides Denver: Stealthy, hypervisor-based malware analysis
 
Virtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot ArchitectureVirtual Machine Introspection in a Hyberid Honeypot Architecture
Virtual Machine Introspection in a Hyberid Honeypot Architecture
 
Virtual Machine Introspection with Xen
Virtual Machine Introspection with XenVirtual Machine Introspection with Xen
Virtual Machine Introspection with Xen
 
Hacktivity 2016: Stealthy, hypervisor based malware analysis
Hacktivity 2016: Stealthy, hypervisor based malware analysisHacktivity 2016: Stealthy, hypervisor based malware analysis
Hacktivity 2016: Stealthy, hypervisor based malware analysis
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with Xen
 
CyberSEED: Virtual Machine Introspection to Detect and Protect
CyberSEED: Virtual Machine Introspection to Detect and ProtectCyberSEED: Virtual Machine Introspection to Detect and Protect
CyberSEED: Virtual Machine Introspection to Detect and Protect
 
VM Forking and Hypervisor-based Fuzzing with Xen
VM Forking and Hypervisor-based Fuzzing with XenVM Forking and Hypervisor-based Fuzzing with Xen
VM Forking and Hypervisor-based Fuzzing with Xen
 
Применение виртуализации для динамического анализа
Применение виртуализации для динамического анализаПрименение виртуализации для динамического анализа
Применение виртуализации для динамического анализа
 
VM Forking and Hypervisor-based fuzzing
VM Forking and Hypervisor-based fuzzingVM Forking and Hypervisor-based fuzzing
VM Forking and Hypervisor-based fuzzing
 
Масштабируемый и эффективный фаззинг Google Chrome
Масштабируемый и эффективный фаззинг Google ChromeМасштабируемый и эффективный фаззинг Google Chrome
Масштабируемый и эффективный фаззинг Google Chrome
 
Solnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecSolnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsec
 
Practical Windows Kernel Exploitation
Practical Windows Kernel ExploitationPractical Windows Kernel Exploitation
Practical Windows Kernel Exploitation
 
Yunusov babin 7 sins pres atm v2
Yunusov babin 7 sins pres atm v2Yunusov babin 7 sins pres atm v2
Yunusov babin 7 sins pres atm v2
 
A Stuxnet for Mainframes
A Stuxnet for MainframesA Stuxnet for Mainframes
A Stuxnet for Mainframes
 
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
 
ShinoBOT Suite
ShinoBOT SuiteShinoBOT Suite
ShinoBOT Suite
 
Is That A Penguin In My Windows?
Is That A Penguin In My Windows?Is That A Penguin In My Windows?
Is That A Penguin In My Windows?
 
BlueHat v17 || Don't Let Your Virtualization Fabric Become the Attack Vector
BlueHat v17 || Don't Let Your Virtualization Fabric Become the Attack Vector BlueHat v17 || Don't Let Your Virtualization Fabric Become the Attack Vector
BlueHat v17 || Don't Let Your Virtualization Fabric Become the Attack Vector
 

Similar to Cloud Security with LibVMI

CISSP Week 14
CISSP Week 14CISSP Week 14
CISSP Week 14jemtallon
 
Hybis: Advanced Introspection for Effective Windows Guest Protection
Hybis: Advanced Introspection for Effective Windows Guest ProtectionHybis: Advanced Introspection for Effective Windows Guest Protection
Hybis: Advanced Introspection for Effective Windows Guest ProtectionFederico Franzoni
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com -  IoT SecurityRyan Wilson - ryanwilson.com -  IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson
 
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor Fiorim[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor FiorimTI Safe
 
Cassandra Lunch #90: Securing Apache Cassandra
Cassandra Lunch #90: Securing Apache CassandraCassandra Lunch #90: Securing Apache Cassandra
Cassandra Lunch #90: Securing Apache CassandraAnant Corporation
 
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCloudIDSummit
 
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdfdino715195
 
Implementing a Security strategy in IoT, Practical example Automotive Grade L...
Implementing a Security strategy in IoT, Practical example Automotive Grade L...Implementing a Security strategy in IoT, Practical example Automotive Grade L...
Implementing a Security strategy in IoT, Practical example Automotive Grade L...LibreCon
 
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...The Linux Foundation
 
Oksana Safronova - Will you detect it or not? How to check if security team i...
Oksana Safronova - Will you detect it or not? How to check if security team i...Oksana Safronova - Will you detect it or not? How to check if security team i...
Oksana Safronova - Will you detect it or not? How to check if security team i...NoNameCon
 
Stuxnet mass weopan of cyber attack
Stuxnet mass weopan of cyber attackStuxnet mass weopan of cyber attack
Stuxnet mass weopan of cyber attackAjinkya Nikam
 
Paper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devicesPaper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devicesYOU SHENG CHEN
 
Mitigating Java Deserialization attacks from within the JVM (improved version)
Mitigating Java Deserialization attacks from within the JVM (improved version)Mitigating Java Deserialization attacks from within the JVM (improved version)
Mitigating Java Deserialization attacks from within the JVM (improved version)Apostolos Giannakidis
 
Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013Opersys inc.
 
HKUST Security Lab Opening Ceremony
HKUST Security Lab Opening CeremonyHKUST Security Lab Opening Ceremony
HKUST Security Lab Opening CeremonyKelvin Chan
 
Android Security, From the Ground Up
Android Security, From the Ground UpAndroid Security, From the Ground Up
Android Security, From the Ground UpOpersys inc.
 
13.02 Network Security
13.02   Network Security13.02   Network Security
13.02 Network SecurityAnjan Mahanta
 

Similar to Cloud Security with LibVMI (20)

Vm final
Vm finalVm final
Vm final
 
CISSP Week 14
CISSP Week 14CISSP Week 14
CISSP Week 14
 
Hybis: Advanced Introspection for Effective Windows Guest Protection
Hybis: Advanced Introspection for Effective Windows Guest ProtectionHybis: Advanced Introspection for Effective Windows Guest Protection
Hybis: Advanced Introspection for Effective Windows Guest Protection
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com -  IoT SecurityRyan Wilson - ryanwilson.com -  IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
 
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor Fiorim[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
 
Cassandra Lunch #90: Securing Apache Cassandra
Cassandra Lunch #90: Securing Apache CassandraCassandra Lunch #90: Securing Apache Cassandra
Cassandra Lunch #90: Securing Apache Cassandra
 
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
 
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
 
Implementing a Security strategy in IoT, Practical example Automotive Grade L...
Implementing a Security strategy in IoT, Practical example Automotive Grade L...Implementing a Security strategy in IoT, Practical example Automotive Grade L...
Implementing a Security strategy in IoT, Practical example Automotive Grade L...
 
Hacker bootcamp
Hacker bootcampHacker bootcamp
Hacker bootcamp
 
Lecture 7 - Security
Lecture 7 - SecurityLecture 7 - Security
Lecture 7 - Security
 
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
 
Oksana Safronova - Will you detect it or not? How to check if security team i...
Oksana Safronova - Will you detect it or not? How to check if security team i...Oksana Safronova - Will you detect it or not? How to check if security team i...
Oksana Safronova - Will you detect it or not? How to check if security team i...
 
Stuxnet mass weopan of cyber attack
Stuxnet mass weopan of cyber attackStuxnet mass weopan of cyber attack
Stuxnet mass weopan of cyber attack
 
Paper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devicesPaper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devices
 
Mitigating Java Deserialization attacks from within the JVM (improved version)
Mitigating Java Deserialization attacks from within the JVM (improved version)Mitigating Java Deserialization attacks from within the JVM (improved version)
Mitigating Java Deserialization attacks from within the JVM (improved version)
 
Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013
 
HKUST Security Lab Opening Ceremony
HKUST Security Lab Opening CeremonyHKUST Security Lab Opening Ceremony
HKUST Security Lab Opening Ceremony
 
Android Security, From the Ground Up
Android Security, From the Ground UpAndroid Security, From the Ground Up
Android Security, From the Ground Up
 
13.02 Network Security
13.02   Network Security13.02   Network Security
13.02 Network Security
 

Recently uploaded

Tech Tuesday Slides - Getting Started with the Portfolio Module.
Tech Tuesday Slides - Getting Started with the Portfolio Module.Tech Tuesday Slides - Getting Started with the Portfolio Module.
Tech Tuesday Slides - Getting Started with the Portfolio Module.OnePlan Solutions
 
OpenMetadata Community Meeting - 4th April, 2024
OpenMetadata Community Meeting - 4th April, 2024OpenMetadata Community Meeting - 4th April, 2024
OpenMetadata Community Meeting - 4th April, 2024OpenMetadata
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...OnePlan Solutions
 
AmsterdamJUG April 2024 - Going serverless with Quarkus GraalVM native images...
AmsterdamJUG April 2024 - Going serverless with Quarkus GraalVM native images...AmsterdamJUG April 2024 - Going serverless with Quarkus GraalVM native images...
AmsterdamJUG April 2024 - Going serverless with Quarkus GraalVM native images...Bert Jan Schrijver
 
What are the core components of Azure Data Engineer courses.docx
What are the core components of Azure Data Engineer courses.docxWhat are the core components of Azure Data Engineer courses.docx
What are the core components of Azure Data Engineer courses.docxkzayra69
 
Preparing BitVisor for Supporting Multiple Architectures
Preparing BitVisor for Supporting Multiple ArchitecturesPreparing BitVisor for Supporting Multiple Architectures
Preparing BitVisor for Supporting Multiple ArchitecturesAke Koomsin
 
What is Mendix and the concept of low-code development.docx
What is Mendix and the concept of low-code development.docxWhat is Mendix and the concept of low-code development.docx
What is Mendix and the concept of low-code development.docxTechnogeeks
 
full course of software engineering mid term.pdf
full course of software engineering mid term.pdffull course of software engineering mid term.pdf
full course of software engineering mid term.pdfAbdul salam
 
oracle 23c new features for developer and dba
oracle 23c new features for developer and dbaoracle 23c new features for developer and dba
oracle 23c new features for developer and dbaRemote DBA Services
 
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdfPros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdfkalichargn70th171
 
Revolutionize Your Video Editing with InVideo.io: A Comprehensive Review
Revolutionize Your Video Editing with InVideo.io: A Comprehensive ReviewRevolutionize Your Video Editing with InVideo.io: A Comprehensive Review
Revolutionize Your Video Editing with InVideo.io: A Comprehensive Reviewjw364beach
 
Reliable from-source builds (Qshare 28 Nov 2023).pdf
Reliable from-source builds (Qshare 28 Nov 2023).pdfReliable from-source builds (Qshare 28 Nov 2023).pdf
Reliable from-source builds (Qshare 28 Nov 2023).pdfRalf Gommers
 
Mastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxMastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxAS Design & AST.
 
What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesVictoriaMetrics
 
Understanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptxUnderstanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptxSasikiranMarri
 
Explore the Three Main Types of Logistics - Inbound Logistics, Outbound Logis...
Explore the Three Main Types of Logistics - Inbound Logistics, Outbound Logis...Explore the Three Main Types of Logistics - Inbound Logistics, Outbound Logis...
Explore the Three Main Types of Logistics - Inbound Logistics, Outbound Logis...Piyovi
 
The State of the Green IT at the beginning of 2024
The State of the Green IT at the beginning of 2024The State of the Green IT at the beginning of 2024
The State of the Green IT at the beginning of 2024Artur Skowroński
 
Effort Estimation Techniques used in Software Projects
Effort Estimation Techniques used in Software ProjectsEffort Estimation Techniques used in Software Projects
Effort Estimation Techniques used in Software ProjectsDEEPRAJ PATHAK
 
Key Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery RoadmapKey Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery RoadmapIshara Amarasekera
 
logical backup of Oracle Datapump-detailed.pptx
logical backup of Oracle Datapump-detailed.pptxlogical backup of Oracle Datapump-detailed.pptx
logical backup of Oracle Datapump-detailed.pptxRemote DBA Services
 

Recently uploaded (20)

Tech Tuesday Slides - Getting Started with the Portfolio Module.
Tech Tuesday Slides - Getting Started with the Portfolio Module.Tech Tuesday Slides - Getting Started with the Portfolio Module.
Tech Tuesday Slides - Getting Started with the Portfolio Module.
 
OpenMetadata Community Meeting - 4th April, 2024
OpenMetadata Community Meeting - 4th April, 2024OpenMetadata Community Meeting - 4th April, 2024
OpenMetadata Community Meeting - 4th April, 2024
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
 
AmsterdamJUG April 2024 - Going serverless with Quarkus GraalVM native images...
AmsterdamJUG April 2024 - Going serverless with Quarkus GraalVM native images...AmsterdamJUG April 2024 - Going serverless with Quarkus GraalVM native images...
AmsterdamJUG April 2024 - Going serverless with Quarkus GraalVM native images...
 
What are the core components of Azure Data Engineer courses.docx
What are the core components of Azure Data Engineer courses.docxWhat are the core components of Azure Data Engineer courses.docx
What are the core components of Azure Data Engineer courses.docx
 
Preparing BitVisor for Supporting Multiple Architectures
Preparing BitVisor for Supporting Multiple ArchitecturesPreparing BitVisor for Supporting Multiple Architectures
Preparing BitVisor for Supporting Multiple Architectures
 
What is Mendix and the concept of low-code development.docx
What is Mendix and the concept of low-code development.docxWhat is Mendix and the concept of low-code development.docx
What is Mendix and the concept of low-code development.docx
 
full course of software engineering mid term.pdf
full course of software engineering mid term.pdffull course of software engineering mid term.pdf
full course of software engineering mid term.pdf
 
oracle 23c new features for developer and dba
oracle 23c new features for developer and dbaoracle 23c new features for developer and dba
oracle 23c new features for developer and dba
 
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdfPros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
 
Revolutionize Your Video Editing with InVideo.io: A Comprehensive Review
Revolutionize Your Video Editing with InVideo.io: A Comprehensive ReviewRevolutionize Your Video Editing with InVideo.io: A Comprehensive Review
Revolutionize Your Video Editing with InVideo.io: A Comprehensive Review
 
Reliable from-source builds (Qshare 28 Nov 2023).pdf
Reliable from-source builds (Qshare 28 Nov 2023).pdfReliable from-source builds (Qshare 28 Nov 2023).pdf
Reliable from-source builds (Qshare 28 Nov 2023).pdf
 
Mastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxMastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptx
 
What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 Updates
 
Understanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptxUnderstanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptx
 
Explore the Three Main Types of Logistics - Inbound Logistics, Outbound Logis...
Explore the Three Main Types of Logistics - Inbound Logistics, Outbound Logis...Explore the Three Main Types of Logistics - Inbound Logistics, Outbound Logis...
Explore the Three Main Types of Logistics - Inbound Logistics, Outbound Logis...
 
The State of the Green IT at the beginning of 2024
The State of the Green IT at the beginning of 2024The State of the Green IT at the beginning of 2024
The State of the Green IT at the beginning of 2024
 
Effort Estimation Techniques used in Software Projects
Effort Estimation Techniques used in Software ProjectsEffort Estimation Techniques used in Software Projects
Effort Estimation Techniques used in Software Projects
 
Key Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery RoadmapKey Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery Roadmap
 
logical backup of Oracle Datapump-detailed.pptx
logical backup of Oracle Datapump-detailed.pptxlogical backup of Oracle Datapump-detailed.pptx
logical backup of Oracle Datapump-detailed.pptx
 

Cloud Security with LibVMI