Xen Project Developer Summit has ended
View analytic
Monday, August 18 • 1:30pm - 2:00pm
Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bitdefender and Ravi Sahita, Intel

Sign up or log in to save this to your schedule and see who's attending!

This presentation will detail a practical approach to memory introspection of virtual machines running on the Xen hypervisor with no in-guest footprint. The functionality makes use of the mem-event API with a number of improvements which enable the proper tracking of guest OS activity. The technology created on top of this Xen API opens the door for several immediate applications, including: rootkit detection and prevention, detection and action on several categories of malware, and event source information for low-level post-event forensics and correlation based on real event data during events.

avatar for Mihai Donțu

Mihai Donțu

Technical Project Manager, Bitdefender
Mihai Dontu is the technical project manager of the Linux development team within Bitdefender and is currently involved in integrating their virtual machine introspection technology in Xen and KVM.

Ravi Sahita

Principal Engineer and Security Researcher, Intel
Ravi Sahita is a Principal Engineer and Security Researcher at Intel Labs. He is building processor and platform approaches to mitigate computer malware for runtime integrity of software on Intel CPU-based platforms. Ravi has designed new CPU intrinsics for anti-malware software... Read More →

Monday August 18, 2014 1:30pm - 2:00pm

Attendees (0)