Presentation Title: MOSREF: Using Cryptography and Injectable Virtual Machines in Security
Presentation Details:

Mosquito is a secure remote execution framework available via LGPL that combines high-grade cryptography and a small efficient virtual machine on both ends to ensure that intellectual property is protected. It also presents a dynamic environment on a target host that can be reprogrammed on the fly over a secure communications channel to fit the current situation.

The virtual machine was written from scratch for this purpose, with a built in cryptography library, and was optimized for size with an eye towards being able to inject it. The virtual machine’s native programming environment is a Scheme-derived Lisp-family language, with an optimizing bytecode compiler. It is also cross-platform using ANSI C and GCC, currently running on OpenBSD, Darwin, Linux, and Win32. Compiled bytecode is portable between these platforms, much like Pascal’s P-code.

The comprehensive talk will cover the framework and methodologies that went into creating a secure remote execution environment. The algorithms used to secure communication channels will be discussed. The virtual machine and language themselves will be covered in some detail along with examples. Additionally, there will be a demonstration of writing an exploit in this framework, and using it to inject a virtual machine on a remote host.

About Wes

Wes Brown is a long-time network security practitioner who specializes in code reviews, web application assessments, penetration testing, and tools development.

Prior to joining Accuvant as a senior security consultant, Wes worked for Internet Security System’s X-Force Consulting team. He conducted hundreds of penetration tests and web application assessments for ISS clients ranging from the smallest to Fortune 500 companies. He was also responsible for many of the in-house tools that helped the external assessment consulting practice succeed. He also can be frequently seen at industry conferences, having spoken at Defcon in the past.

In founding Ephemeral Security, Wes hopes to advance the state of the art in network security by doing innovative and original research work. When not conducting consulting work, he has spent the last year and half on the Mosquito Environment along with other members of his company.

Currently, he is hard at work as one of Accuvant’s lead consultants which gives him an opportunity to test the tools and environments that is developed as part of Ephemeral Security’s research efforts. He does the majority of the automation and tools that streamlines the assessment practice’s engagements, increasing quality while reducing turnaround time. Of course, Wes also does conventional consulting with a keen focus on code reviews and application assessments.

Ephemeral Security: http://www.ephemeralsecurity.com