Xen Project Developer Summit has ended
Monday, August 18 • 1:30pm - 2:00pm
Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bitdefender and Ravi Sahita, Intel

Sign up or log in to save this to your schedule and see who's attending!

This presentation will detail a practical approach to memory introspection of virtual machines running on the Xen hypervisor with no in-guest footprint. The functionality makes use of the mem-event API with a number of improvements which enable the proper tracking of guest OS activity. The technology created on top of this Xen API opens the door for several immediate applications, including: rootkit detection and prevention, detection and action on several categories of malware, and event source information for low-level post-event forensics and correlation based on real event data during events.

avatar for Mihai Donțu

Mihai Donțu

Engineering Manager, Bitdefender
I lead the Linux development team at Bitdefender and I am currently involved in integrating our HVI technology with open source hypervisors like Xen and KVM

Ravi Sahita

Principal Engineer and Security Researcher, Intel
Ravi Sahita is a Principal Engineer and Security Researcher at Intel Labs. He is building processor and platform approaches to mitigate computer malware for runtime integrity of software on Intel CPU-based platforms. Ravi has designed new CPU intrinsics for anti-malware software... Read More →

Monday August 18, 2014 1:30pm - 2:00pm

Attendees (0)