SlideShare ist ein Scribd-Unternehmen logo

VMI and FMA

Vasily Sartakov
Vasily Sartakov

The lecture by Sartakov A. Vasily for Summer Systems School'12. Brief introduction to VMI and FMA technologies. SSS'12 - Education event, organized by ksys labs[1] in 2012, for students interested in system software development and information security. 1. http://ksyslabs.org/

Bildung
1 von 4
Downloaden Sie, um offline zu lesen
VMI and FMA четверг, 26 июля 12 г.
FMA - Forencsic memory analisys seeks to extract forensic information from dumps of physical memory. VMI - Virtual Machine Introspection VMI software runs in an isolated FMA, by contrast, typically takes virtualized environment and monitors place after a security incident is the state of other VMs. This isolation suspected to have occurred. An protects it from tampering by software investigator acquires an image of inside the monitored VM, making it an physical memory and then performs attractive way to implement security offline analysis, extracting software. VMI-based monitoring is information about the system state to performed online and focuses on explain the incident. detecting security events as they occur. четверг, 26 июля 12 г.
VMI: + Dyncamic - changes over time - Need a lot of resources - Effect on system FMA: + No time/resource restrictions + No effect on system - Static Problem: Semantic Gap четверг, 26 июля 12 г.
A. Schuster. Searching for processes and threads in Microsoft Windows memory dumps. In Proceedings of the 6th Annual Digital Forensic Research Workshop (DFRWS), 2006. VMWare, Inc. VMWare VMSafe security technology. http://www.vmware.com/ technology/security/vmsafe.html. A. Walters. The Volatility framework: Volatile memory artifact extraction utility framework. https://www.volatilesystems.com/default/volatility. T. Garfinkel and M. Rosenblum. A Virtual Machine Introspection Based Architecture for Intrusion Detection. In Proceedings of the Network and Distributed Systems Security Symposium, 2003. четверг, 26 июля 12 г.

Empfohlen

The godfather opening sequence analysis
The godfather opening sequence analysisThe godfather opening sequence analysis
The godfather opening sequence analysisDMaule
 
Pepsi Godfather Advertisement
Pepsi Godfather AdvertisementPepsi Godfather Advertisement
Pepsi Godfather Advertisementedmond_rosario
 
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...The Linux Foundation
 
Opening Sequence Analysis - The Godfather Part 1
Opening Sequence Analysis - The Godfather Part 1Opening Sequence Analysis - The Godfather Part 1
Opening Sequence Analysis - The Godfather Part 1AStamatiou
 
Film noir 9 frame - Godfather
Film noir 9 frame - GodfatherFilm noir 9 frame - Godfather
Film noir 9 frame - GodfatherNathanHunter_
 
MUSEO SANTA TERESA. POTOSÍ, BOLIVIA
MUSEO SANTA TERESA. POTOSÍ, BOLIVIAMUSEO SANTA TERESA. POTOSÍ, BOLIVIA
MUSEO SANTA TERESA. POTOSÍ, BOLIVIAMaria Rosario Carrasco Patzi
 
Actividad1: Analisis de materiales en formato electrónico
Actividad1: Analisis de materiales en formato electrónicoActividad1: Analisis de materiales en formato electrónico
Actividad1: Analisis de materiales en formato electrónicoLaura Hernández Arias
 
Smb 13032014 hve jan nesvadba cordian
Smb 13032014 hve jan nesvadba cordianSmb 13032014 hve jan nesvadba cordian
Smb 13032014 hve jan nesvadba cordianSMBBV
 

Empfohlen

The godfather opening sequence analysis
The godfather opening sequence analysisThe godfather opening sequence analysis
The godfather opening sequence analysisDMaule
 
Pepsi Godfather Advertisement
Pepsi Godfather AdvertisementPepsi Godfather Advertisement
Pepsi Godfather Advertisementedmond_rosario
 
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...The Linux Foundation
 
Opening Sequence Analysis - The Godfather Part 1
Opening Sequence Analysis - The Godfather Part 1Opening Sequence Analysis - The Godfather Part 1
Opening Sequence Analysis - The Godfather Part 1AStamatiou
 
Film noir 9 frame - Godfather
Film noir 9 frame - GodfatherFilm noir 9 frame - Godfather
Film noir 9 frame - GodfatherNathanHunter_
 
MUSEO SANTA TERESA. POTOSÍ, BOLIVIA
MUSEO SANTA TERESA. POTOSÍ, BOLIVIAMUSEO SANTA TERESA. POTOSÍ, BOLIVIA
MUSEO SANTA TERESA. POTOSÍ, BOLIVIAMaria Rosario Carrasco Patzi
 
Actividad1: Analisis de materiales en formato electrónico
Actividad1: Analisis de materiales en formato electrónicoActividad1: Analisis de materiales en formato electrónico
Actividad1: Analisis de materiales en formato electrónicoLaura Hernández Arias
 
Smb 13032014 hve jan nesvadba cordian
Smb 13032014 hve jan nesvadba cordianSmb 13032014 hve jan nesvadba cordian
Smb 13032014 hve jan nesvadba cordianSMBBV
 
Solidos cristalinos
Solidos cristalinosSolidos cristalinos
Solidos cristalinosAngel Hidalgo Lama REGPONOR-DIRTEPOL
 
Learn about PURLs and Lead Generation
Learn about PURLs and Lead GenerationLearn about PURLs and Lead Generation
Learn about PURLs and Lead GenerationJenSeaman
 
Tema Iv resumen
Tema Iv resumenTema Iv resumen
Tema Iv resumenBerta Calderon
 
FNC Paraguay propuesta seguro agricola
FNC Paraguay propuesta seguro agricolaFNC Paraguay propuesta seguro agricola
FNC Paraguay propuesta seguro agricolaatyguasufnc
 
Digitale Assistenten = Mehr Gäste im Hotel oder Destination!
Digitale Assistenten = Mehr Gäste im Hotel oder Destination! Digitale Assistenten = Mehr Gäste im Hotel oder Destination!
Digitale Assistenten = Mehr Gäste im Hotel oder Destination! PromoMasters Online Marketing
 
The Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to Fake
The Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to FakeThe Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to Fake
The Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to Fakev2zq
 
Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0i4box Anon
 
Bai 23 vung bac trung bo tiet 1 (2)
Bai 23 vung bac trung bo tiet 1 (2)Bai 23 vung bac trung bo tiet 1 (2)
Bai 23 vung bac trung bo tiet 1 (2)Hoa Phượng
 
Softline E-commerce solutions for local markets
Softline E-commerce solutions for local marketsSoftline E-commerce solutions for local markets
Softline E-commerce solutions for local markets\h Zverev
 
Guia trastornos lenguaje oral y escrito
Guia trastornos lenguaje oral y escritoGuia trastornos lenguaje oral y escrito
Guia trastornos lenguaje oral y escritoMarta Montoro
 
Cartografia magnin
Cartografia magninCartografia magnin
Cartografia magninVictoria Cordova
 
Google drive y sus usos
Google drive y sus usosGoogle drive y sus usos
Google drive y sus usosGloria Forero
 
Mobile internet campaigns
Mobile internet campaignsMobile internet campaigns
Mobile internet campaignsReinoud Bosman
 
Gustav Zeitzschel - Auftritte /Veranstaltungsorte
Gustav Zeitzschel - Auftritte /VeranstaltungsorteGustav Zeitzschel - Auftritte /Veranstaltungsorte
Gustav Zeitzschel - Auftritte /VeranstaltungsorteHugo E Martin
 
Indice de producción minera 2009
Indice de producción minera 2009Indice de producción minera 2009
Indice de producción minera 2009Agencia Exportadora®
 
Malicioso Pixel - Attack QR Codes
Malicioso Pixel - Attack QR CodesMalicioso Pixel - Attack QR Codes
Malicioso Pixel - Attack QR CodesDylan Irzi
 
Hge carmenfernandez doc
Hge carmenfernandez docHge carmenfernandez doc
Hge carmenfernandez dochgefcc
 
Memory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingMemory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingPriyanka Aash
 
Why should you make tooling with 3D printing?
Why should you make tooling with 3D printing?Why should you make tooling with 3D printing?
Why should you make tooling with 3D printing?Design World
 
Мейнстрим технологии шифрованной памяти
Мейнстрим технологии шифрованной памятиМейнстрим технологии шифрованной памяти
Мейнстрим технологии шифрованной памятиVasily Sartakov
 
RnD Collaborations in Asia-Pacific Region
RnD Collaborations in Asia-Pacific RegionRnD Collaborations in Asia-Pacific Region
RnD Collaborations in Asia-Pacific RegionVasily Sartakov
 
Сетевая подсистема в L4Re и Genode
Сетевая подсистема в L4Re и GenodeСетевая подсистема в L4Re и Genode
Сетевая подсистема в L4Re и GenodeVasily Sartakov
 

Weitere ähnliche Inhalte

Andere mochten auch

Learn about PURLs and Lead Generation
Learn about PURLs and Lead GenerationLearn about PURLs and Lead Generation
Learn about PURLs and Lead GenerationJenSeaman
 
FNC Paraguay propuesta seguro agricola
FNC Paraguay propuesta seguro agricolaFNC Paraguay propuesta seguro agricola
FNC Paraguay propuesta seguro agricolaatyguasufnc
 
Digitale Assistenten = Mehr Gäste im Hotel oder Destination!
Digitale Assistenten = Mehr Gäste im Hotel oder Destination! Digitale Assistenten = Mehr Gäste im Hotel oder Destination!
Digitale Assistenten = Mehr Gäste im Hotel oder Destination! PromoMasters Online Marketing
 
The Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to Fake
The Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to FakeThe Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to Fake
The Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to Fakev2zq
 
Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0i4box Anon
 
Bai 23 vung bac trung bo tiet 1 (2)
Bai 23 vung bac trung bo tiet 1 (2)Bai 23 vung bac trung bo tiet 1 (2)
Bai 23 vung bac trung bo tiet 1 (2)Hoa Phượng
 
Softline E-commerce solutions for local markets
Softline E-commerce solutions for local marketsSoftline E-commerce solutions for local markets
Softline E-commerce solutions for local markets\h Zverev
 
Guia trastornos lenguaje oral y escrito
Guia trastornos lenguaje oral y escritoGuia trastornos lenguaje oral y escrito
Guia trastornos lenguaje oral y escritoMarta Montoro
 
Google drive y sus usos
Google drive y sus usosGoogle drive y sus usos
Google drive y sus usosGloria Forero
 
Mobile internet campaigns
Mobile internet campaignsMobile internet campaigns
Mobile internet campaignsReinoud Bosman
 
Gustav Zeitzschel - Auftritte /Veranstaltungsorte
Gustav Zeitzschel - Auftritte /VeranstaltungsorteGustav Zeitzschel - Auftritte /Veranstaltungsorte
Gustav Zeitzschel - Auftritte /VeranstaltungsorteHugo E Martin
 
Malicioso Pixel - Attack QR Codes
Malicioso Pixel - Attack QR CodesMalicioso Pixel - Attack QR Codes
Malicioso Pixel - Attack QR CodesDylan Irzi
 
Hge carmenfernandez doc
Hge carmenfernandez docHge carmenfernandez doc
Hge carmenfernandez dochgefcc
 
Memory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingMemory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingPriyanka Aash
 
Why should you make tooling with 3D printing?
Why should you make tooling with 3D printing?Why should you make tooling with 3D printing?
Why should you make tooling with 3D printing?Design World
 

Andere mochten auch (19)

Solidos cristalinos
Solidos cristalinosSolidos cristalinos
Solidos cristalinos
 
Learn about PURLs and Lead Generation
Learn about PURLs and Lead GenerationLearn about PURLs and Lead Generation
Learn about PURLs and Lead Generation
 
Tema Iv resumen
Tema Iv resumenTema Iv resumen
Tema Iv resumen
 
FNC Paraguay propuesta seguro agricola
FNC Paraguay propuesta seguro agricolaFNC Paraguay propuesta seguro agricola
FNC Paraguay propuesta seguro agricola
 
Digitale Assistenten = Mehr Gäste im Hotel oder Destination!
Digitale Assistenten = Mehr Gäste im Hotel oder Destination! Digitale Assistenten = Mehr Gäste im Hotel oder Destination!
Digitale Assistenten = Mehr Gäste im Hotel oder Destination!
 
The Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to Fake
The Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to FakeThe Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to Fake
The Counterfeiting of Cosmetics - No to Fake ~ uibm.gov.it - No to Fake
 
Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0
 
Bai 23 vung bac trung bo tiet 1 (2)
Bai 23 vung bac trung bo tiet 1 (2)Bai 23 vung bac trung bo tiet 1 (2)
Bai 23 vung bac trung bo tiet 1 (2)
 
Softline E-commerce solutions for local markets
Softline E-commerce solutions for local marketsSoftline E-commerce solutions for local markets
Softline E-commerce solutions for local markets
 
Guia trastornos lenguaje oral y escrito
Guia trastornos lenguaje oral y escritoGuia trastornos lenguaje oral y escrito
Guia trastornos lenguaje oral y escrito
 
Cartografia magnin
Cartografia magninCartografia magnin
Cartografia magnin
 
Google drive y sus usos
Google drive y sus usosGoogle drive y sus usos
Google drive y sus usos
 
Mobile internet campaigns
Mobile internet campaignsMobile internet campaigns
Mobile internet campaigns
 
Gustav Zeitzschel - Auftritte /Veranstaltungsorte
Gustav Zeitzschel - Auftritte /VeranstaltungsorteGustav Zeitzschel - Auftritte /Veranstaltungsorte
Gustav Zeitzschel - Auftritte /Veranstaltungsorte
 
Indice de producción minera 2009
Indice de producción minera 2009Indice de producción minera 2009
Indice de producción minera 2009
 
Malicioso Pixel - Attack QR Codes
Malicioso Pixel - Attack QR CodesMalicioso Pixel - Attack QR Codes
Malicioso Pixel - Attack QR Codes
 
Hge carmenfernandez doc
Hge carmenfernandez docHge carmenfernandez doc
Hge carmenfernandez doc
 
Memory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingMemory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computing
 
Why should you make tooling with 3D printing?
Why should you make tooling with 3D printing?Why should you make tooling with 3D printing?
Why should you make tooling with 3D printing?
 

Mehr von Vasily Sartakov

Мейнстрим технологии шифрованной памяти
Мейнстрим технологии шифрованной памятиМейнстрим технологии шифрованной памяти
Мейнстрим технологии шифрованной памятиVasily Sartakov
 
RnD Collaborations in Asia-Pacific Region
RnD Collaborations in Asia-Pacific RegionRnD Collaborations in Asia-Pacific Region
RnD Collaborations in Asia-Pacific RegionVasily Sartakov
 
Сетевая подсистема в L4Re и Genode
Сетевая подсистема в L4Re и GenodeСетевая подсистема в L4Re и Genode
Сетевая подсистема в L4Re и GenodeVasily Sartakov
 
Защита памяти при помощи NX-bit в среде L4Re
Защита памяти при помощи NX-bit в среде L4ReЗащита памяти при помощи NX-bit в среде L4Re
Защита памяти при помощи NX-bit в среде L4ReVasily Sartakov
 
Hardware Errors and the OS
Hardware Errors and the OSHardware Errors and the OS
Hardware Errors and the OSVasily Sartakov
 
Operating Systems Meet Fault Tolerance
Operating Systems Meet Fault ToleranceOperating Systems Meet Fault Tolerance
Operating Systems Meet Fault ToleranceVasily Sartakov
 
Operating Systems Hardening
Operating Systems HardeningOperating Systems Hardening
Operating Systems HardeningVasily Sartakov
 
Особенности Национального RnD
Особенности Национального RnDОсобенности Национального RnD
Особенности Национального RnDVasily Sartakov
 
Introduction to Microkernels
Introduction to MicrokernelsIntroduction to Microkernels
Introduction to MicrokernelsVasily Sartakov
 
Advanced Components on Top of L4Re
Advanced Components on Top of L4ReAdvanced Components on Top of L4Re
Advanced Components on Top of L4ReVasily Sartakov
 

Mehr von Vasily Sartakov (20)

Мейнстрим технологии шифрованной памяти
Мейнстрим технологии шифрованной памятиМейнстрим технологии шифрованной памяти
Мейнстрим технологии шифрованной памяти
 
RnD Collaborations in Asia-Pacific Region
RnD Collaborations in Asia-Pacific RegionRnD Collaborations in Asia-Pacific Region
RnD Collaborations in Asia-Pacific Region
 
Сетевая подсистема в L4Re и Genode
Сетевая подсистема в L4Re и GenodeСетевая подсистема в L4Re и Genode
Сетевая подсистема в L4Re и Genode
 
Защита памяти при помощи NX-bit в среде L4Re
Защита памяти при помощи NX-bit в среде L4ReЗащита памяти при помощи NX-bit в среде L4Re
Защита памяти при помощи NX-bit в среде L4Re
 
Hardware Errors and the OS
Hardware Errors and the OSHardware Errors and the OS
Hardware Errors and the OS
 
Operating Systems Meet Fault Tolerance
Operating Systems Meet Fault ToleranceOperating Systems Meet Fault Tolerance
Operating Systems Meet Fault Tolerance
 
Intro
IntroIntro
Intro
 
Genode OS Framework
Genode OS FrameworkGenode OS Framework
Genode OS Framework
 
Operating Systems Hardening
Operating Systems HardeningOperating Systems Hardening
Operating Systems Hardening
 
Особенности Национального RnD
Особенности Национального RnDОсобенности Национального RnD
Особенности Национального RnD
 
Genode Architecture
Genode ArchitectureGenode Architecture
Genode Architecture
 
Genode Components
Genode ComponentsGenode Components
Genode Components
 
Genode Programming
Genode ProgrammingGenode Programming
Genode Programming
 
Genode Compositions
Genode CompositionsGenode Compositions
Genode Compositions
 
Trusted Computing Base
Trusted Computing BaseTrusted Computing Base
Trusted Computing Base
 
System Integrity
System IntegritySystem Integrity
System Integrity
 
Intro
IntroIntro
Intro
 
Memory, IPC and L4Re
Memory, IPC and L4ReMemory, IPC and L4Re
Memory, IPC and L4Re
 
Introduction to Microkernels
Introduction to MicrokernelsIntroduction to Microkernels
Introduction to Microkernels
 
Advanced Components on Top of L4Re
Advanced Components on Top of L4ReAdvanced Components on Top of L4Re
Advanced Components on Top of L4Re
 

Kürzlich hochgeladen

Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxRosabel UA
 
Measures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataMeasures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataBabyAnnMotar
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxruthvilladarez
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxAshokKarra1
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSMae Pangan
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfPatidar M
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxVanesaIglesias10
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4JOYLYNSAMANIEGO
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...JojoEDelaCruz
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
Congestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentationCongestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentationdeepaannamalai16
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfJemuel Francisco
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 

Kürzlich hochgeladen (20)

Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptx
 
Measures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataMeasures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped data
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docx
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptx
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHS
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptx
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
Congestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentationCongestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentation
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 

VMI and FMA

  • 1. VMI and FMA четверг, 26 июля 12 г.
  • 2. FMA - Forencsic memory analisys seeks to extract forensic information from dumps of physical memory. VMI - Virtual Machine Introspection VMI software runs in an isolated FMA, by contrast, typically takes virtualized environment and monitors place after a security incident is the state of other VMs. This isolation suspected to have occurred. An protects it from tampering by software investigator acquires an image of inside the monitored VM, making it an physical memory and then performs attractive way to implement security offline analysis, extracting software. VMI-based monitoring is information about the system state to performed online and focuses on explain the incident. detecting security events as they occur. четверг, 26 июля 12 г.
  • 3. VMI: + Dyncamic - changes over time - Need a lot of resources - Effect on system FMA: + No time/resource restrictions + No effect on system - Static Problem: Semantic Gap четверг, 26 июля 12 г.
  • 4. A. Schuster. Searching for processes and threads in Microsoft Windows memory dumps. In Proceedings of the 6th Annual Digital Forensic Research Workshop (DFRWS), 2006. VMWare, Inc. VMWare VMSafe security technology. http://www.vmware.com/ technology/security/vmsafe.html. A. Walters. The Volatility framework: Volatile memory artifact extraction utility framework. https://www.volatilesystems.com/default/volatility. T. Garfinkel and M. Rosenblum. A Virtual Machine Introspection Based Architecture for Intrusion Detection. In Proceedings of the Network and Distributed Systems Security Symposium, 2003. четверг, 26 июля 12 г.