[ mainpage :: register :: training :: conference :: hitb-labs :: the venue ]
[ capture the flag (CTF) :: wireless village :: lock picking village (LPV) :: open-hack ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]


HITBSecConf2008 - Malaysia (Day 1)

HITBSecConf2008 - Malaysia (Day 2)

Registration for HITBSecConf2009 - Dubai is also now open.

Alexander Tereshkin (Principal Researcher, Invisible Things Lab)

Filed under: Main Page — Administrator @ 11:13 am

Presentation Title: Bluepilling the Xen Hypervisor
Presentation Abstract:

This talk will discuss how to insert Bluepill on top of the running Xen hypervisor (x64). Methods to do that both with and without restart (i.e. on the fly) will be shown. To make this possible, Bluepill needs to support full nested virtualization, so that Xen can still function properly. The presentation will also discuss how the “Bluepill detection” methods proposed over the last 2 years, as well as the hypervisor integrity scanning methods, fit into this new scenario and how far we are from the stealth malware`s Holy Grail.

About Alexander

Alexander Tereshkin, principal researcher of Invisible Things Lab, is a seasoned reverse engineer and expert into Windows kernel, specializing in rootkit technology, kernel exploitation and hardware virtualization security. He has presented several sophisticated ideas for rootkit creation and personal firewall bypassing in the past few years. He has done significant work in the field of virtualization based malware and kernel protection bypassing. He is a co-author of “Understanding Stealth Malware” course taught with Joanna Rutkowska.

Event Organizer

Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By

Malaysian National Computer Confederation

Multimedia Development Corporation

Platinum Sponsors

Titanium Sponsor (Post Conference Reception)

Gold Sponsors

CTF Sponsor

CTF Prize Sponsor

Open-Hack Sponsor

Metro-e and Official Bandwidth Sponsor

Network Equipment Sponsor

Our Speakers are Supported By

Supporting Media:

Virus Bulletin

InfoSec News

InfoSec News

XAKEP (Russia)

Supporting Organizations

Professional Information Security Association - Hong Kong

Special Interest Group in Security & Information InteGrity Singapore