Name: Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bitdefender and Ravi Sahita, Intel
Start: 2014-08-18T13:30:00-0500
End: 2014-08-18T14:00:00-0500

Back To Schedule

Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bitdefender and Ravi Sahita, Intel

This presentation will detail a practical approach to memory introspection of virtual machines running on the Xen hypervisor with no in-guest footprint. The functionality makes use of the mem-event API with a number of improvements which enable the proper tracking of guest OS activity. The technology created on top of this Xen API opens the door for several immediate applications, including: rootkit detection and prevention, detection and action on several categories of malware, and event source information for low-level post-event forensics and correlation based on real event data during events.

Speakers

Mihai Donțu

Engineering Manager, Bitdefender

I lead the Linux development team at Bitdefender and I am currently involved in integrating our HVI technology with open source hypervisors like Xen and KVM

Ravi Sahita

Security Architect (Sr. PE), Intel

Ravi Sahita is a Senior Principal Engineer at Intel in the Data Platforms Group. He has 20 years of experience in computer security, hardware virtualization, systems and platform software, CPU ISA and applying machine learning for security. His current focus is on architecture development... Read More →

Monday August 18, 2014 1:30pm - 2:00pm CDT
Erie

Session

Xen Project Developer Summit

Mihai Donțu

Ravi Sahita

Attendees (0)

Xen Project Developer Summit

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Mihai Donțu

Ravi Sahita

Attendees (0)