SlideShare ist ein Scribd-Unternehmen logo

XS Boston 2008 Malware & Training

The Linux Foundation
The Linux Foundation

Stephen Brueckner: Novel Applications of Xen: Virtual Training & Malware

Technologie
1 von 23
Downloaden Sie, um offline zu lesen
Novel Applications of Xen: Virtual Training & Malware Evaluation June 23, 2008 Stephen Brueckner ATC-NY Ithaca, NY ATC-NY Architecture Technology Corporation
Introduction Novel applications Not typical enterprise usage User works both inside & outside VMs One user interacts with many VMs Minimize external footprint inside VMs User space Minimal changes to Xen Scripting using “xm” commands Xen Summit Boston 2008 ATC-NY 08-018 2
Projects CYDEST (virtual training environment) Management interface Automating access to VM internals EXAMIN (malware testing environment) VM configuration tool VM introspection work Started 3 and 2 years ago, respectively Xen Summit Boston 2008 ATC-NY 08-018 3
Objectives Inform you of our projects’ requirements Show you the tools we developed Describe Xen features we built upon While seeking advice on alternatives Provide feedback to Xen community Problems Wish lists Questions Xen Summit Boston 2008 ATC-NY 08-018 4
CYDEST: Cyber Defense Trainer Realism Real attacks & defense tools Both network and hosts Full fidelity (not a simulator) Availability Web access Up 24/7/365 Automation Auto-assessment Automated dynamic attacks Xen Summit Boston 2008 ATC-NY 08-018 5
CYDEST Architecture Xen Summit Boston 2008 ATC-NY 08-018 6
Trainee’s Management Interface Goal: Maintain trainee’s situational awareness Graphical representation (with labels) Net topology, hostnames, IPs, OSs Component Status (using colors) VMs & bridges: “up,” down, booting/shutting down Controls (buttons) Start, Stop, VNC Implementation Web-enabled Manually configured Xen Summit Boston 2008 ATC-NY 08-018 7
CYDEST Management GUI Xen Summit Boston 2008 ATC-NY 08-018 8
Monitor & Control Channels Requirements Automatable Out-of-band (network traffic not visible to trainee) Reliable (not network dependent) Solution Separate networks (physical & virtual ) Use guest’s serial consoles Program to negotiate guest interaction Consoles to control Windows VMs Windows serial console listener and shell Unfortunately, violates guest sanctity Xen Summit Boston 2008 ATC-NY 08-018 9
CYDEST Network Separation Xen Summit Boston 2008 ATC-NY 08-018 10
Monitor & Control Channels (cont.) open2xm.pl Automated console interactions Queueing of access requests External & internal timeouts Buffering I/O (for processes, not humans) XML encapsulation (separation of stdout and sterr) Handles login (handles various users & prompts) Batch mode Implementation Scripted using “xm console” Currently experimenting with Xen API (XML RPC) Xen Summit Boston 2008 ATC-NY 08-018 11
EXAMIN: Exploit and Malware Incubator A testing/reverse engineering platform Motivation: Closed-sourced software has uncertain pedigree May therefore include embedded malicious code Virtualization is common approach VM detection currently an anti-tamper technique… Not anticipated to be an issue in the future Xen Summit Boston 2008 ATC-NY 08-018 12
EXAMIN Design Native kernels (HVMs) Stealthy malware may not execute in paravirt E.g., LKM rootkit expecting “sysenter_entry” Components Incubator: the VM network Instrumentation Internal: standard tools External: VM introspection Xen Summit Boston 2008 ATC-NY 08-018 13
EXAMIN Incubator Creation Objective: User-configurable heterogeneous VM network Virtual Network Builder (VNB) Front-end topology editor Back-end VM provisioning Linux (dead image manipulation) mount, chroot, rpm Windows (provisioning live VMs) Because registry can’t be modified w/o Win API Xen Summit Boston 2008 ATC-NY 08-018 14
EXAMIN VNB Xen Summit Boston 2008 ATC-NY 08-018 15
EXAMIN External Instrumentation High-assurance security monitoring services VM introspection of guest kernel’s memory Using XenAccess (open source introspection library) Current services: Integrity checking kernel & processes Code segments Specific structures (IDT, system call table) “Mostly static” structures (module list) Cross-view checking High assurance versions of standard HIDS NIDS (not true VM introspection) Xen Summit Boston 2008 ATC-NY 08-018 16
EXAMIN: Bridging Semantic Gap Xen Summit Boston 2008 ATC-NY 08-018 17
Bridging Semantic Gap: Preview of WIP Automated Determine data structure layouts and magic numbers Generalizable to most OSs Implemented for both Linux and Windows Run same code on host and guest No learning curve for a new language or API Ease porting of existing apps Attend VMsec/CCS in October for details Paper submitted… Xen Summit Boston 2008 ATC-NY 08-018 18
Problems EXAMIN: guest isolation guarantees important Continuous security bug fixes Hypervisor inspection/validation concept practical? Others are working hard on this Xen’s rapid development Changing APIs Emerging tools Both are poorly documented Xen Summit Boston 2008 ATC-NY 08-018 19
Wish List Faster serial console or equivalent channel EXAMIN’s cross-view checking needs to stream large pcap files from guest to host Multiple serial consoles CYDEST’s queueing of simultaneous access requests isn’t optimal Limit of >3 vif’s on a guest? Never mind…new Xen handles up to 8 vifs Xen Summit Boston 2008 ATC-NY 08-018 20
Questions Are there other management interfaces we should look at? We have unusual requirements Graph-drawing capability for network topology Integrated remote VNC/shell access Display & control of bridges Display of VM internals (hostnames, IPs, OSs) Web browser interface Xen Summit Boston 2008 ATC-NY 08-018 21
Questions (cont.) Are there other VM builders we should be considering? MLN was originally UML, not a very active project Our requirements: GUI network builder VM configuration: network, users, software Support Linux and Windows Xen Summit Boston 2008 ATC-NY 08-018 22
Contact Information ATC-NY Cornell Business & Technology Park 33 Thornwood Drive, Suite 500 Ithaca, NY 14850 Technical Contacts: Mr. Stephen Brueckner, PI Dr. Frank Adelstein, Co-PI (607) 266-7118 (607) 266-7104 steve@atc-nycorp.com fadelstein@atc-nycorp.com Management Contact: Business Development Contact: Ms. Julie Baker Mr. Gene Proctor (607) 266-7125 (202) 293-9701 x113 jbaker@atc-nycorp.com gproctor@atcorp-dc.com Xen Summit Boston 2008 ATC-NY 08-018 23

Empfohlen

XS Japan 2008 Project Status English
XS Japan 2008 Project Status EnglishXS Japan 2008 Project Status English
XS Japan 2008 Project Status EnglishThe Linux Foundation
 
XS Boston 2008 OVF
XS Boston 2008 OVFXS Boston 2008 OVF
XS Boston 2008 OVFThe Linux Foundation
 
XS Japan 2008 BitVisor English
XS Japan 2008 BitVisor EnglishXS Japan 2008 BitVisor English
XS Japan 2008 BitVisor EnglishThe Linux Foundation
 
Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008The Linux Foundation
 
XS 2008 Boston VTPM
XS 2008 Boston VTPMXS 2008 Boston VTPM
XS 2008 Boston VTPMThe Linux Foundation
 
XS Boston 2008 Project Status
XS Boston 2008 Project StatusXS Boston 2008 Project Status
XS Boston 2008 Project StatusThe Linux Foundation
 
XS Boston 2008 Self IO Emulation
XS Boston 2008 Self IO EmulationXS Boston 2008 Self IO Emulation
XS Boston 2008 Self IO EmulationThe Linux Foundation
 
XS Boston 2008 Network Topology
XS Boston 2008 Network TopologyXS Boston 2008 Network Topology
XS Boston 2008 Network TopologyThe Linux Foundation
 

Empfohlen

XS Japan 2008 Project Status English
XS Japan 2008 Project Status EnglishXS Japan 2008 Project Status English
XS Japan 2008 Project Status EnglishThe Linux Foundation
 
XS Boston 2008 OVF
XS Boston 2008 OVFXS Boston 2008 OVF
XS Boston 2008 OVFThe Linux Foundation
 
XS Japan 2008 BitVisor English
XS Japan 2008 BitVisor EnglishXS Japan 2008 BitVisor English
XS Japan 2008 BitVisor EnglishThe Linux Foundation
 
Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008The Linux Foundation
 
XS 2008 Boston VTPM
XS 2008 Boston VTPMXS 2008 Boston VTPM
XS 2008 Boston VTPMThe Linux Foundation
 
XS Boston 2008 Project Status
XS Boston 2008 Project StatusXS Boston 2008 Project Status
XS Boston 2008 Project StatusThe Linux Foundation
 
XS Boston 2008 Self IO Emulation
XS Boston 2008 Self IO EmulationXS Boston 2008 Self IO Emulation
XS Boston 2008 Self IO EmulationThe Linux Foundation
 
XS Boston 2008 Network Topology
XS Boston 2008 Network TopologyXS Boston 2008 Network Topology
XS Boston 2008 Network TopologyThe Linux Foundation
 
XS Boston 2008 OpenSolaris
XS Boston 2008 OpenSolarisXS Boston 2008 OpenSolaris
XS Boston 2008 OpenSolarisThe Linux Foundation
 
XS Oracle 2009 Intro Slides
XS Oracle 2009 Intro SlidesXS Oracle 2009 Intro Slides
XS Oracle 2009 Intro SlidesThe Linux Foundation
 
Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008The Linux Foundation
 
XS Boston 2008 Fault Tolerance
XS Boston 2008 Fault ToleranceXS Boston 2008 Fault Tolerance
XS Boston 2008 Fault ToleranceThe Linux Foundation
 
Ian Pratt Usenix 08 Keynote
Ian Pratt Usenix 08 KeynoteIan Pratt Usenix 08 Keynote
Ian Pratt Usenix 08 KeynoteThe Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
Nakajima numa-final
Nakajima numa-finalNakajima numa-final
Nakajima numa-finalThe Linux Foundation
 
XS Japan 2008 Citrix English
XS Japan 2008 Citrix EnglishXS Japan 2008 Citrix English
XS Japan 2008 Citrix EnglishThe Linux Foundation
 
XS Japan 2008 App Data English
XS Japan 2008 App Data EnglishXS Japan 2008 App Data English
XS Japan 2008 App Data EnglishThe Linux Foundation
 
XS Japan 2008 Ganeti English
XS Japan 2008 Ganeti EnglishXS Japan 2008 Ganeti English
XS Japan 2008 Ganeti EnglishThe Linux Foundation
 
Security Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server VirtualizationSecurity Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server Virtualizationrsnarayanan
 
Linux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondLinux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondThe Linux Foundation
 
LCA13: Xen on ARM
LCA13: Xen on ARMLCA13: Xen on ARM
LCA13: Xen on ARMLinaro
 
Hypervisors
HypervisorsHypervisors
HypervisorsInzemamul Haque
 
OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training The Linux Foundation
 
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...The Linux Foundation
 
µ-Xen
µ-Xenµ-Xen
µ-XenLars Kurth
 
Virtualization Technology Overview
Virtualization Technology OverviewVirtualization Technology Overview
Virtualization Technology OverviewOpenCity Community
 
XS Boston 2008 VT-D PCI
XS Boston 2008 VT-D PCIXS Boston 2008 VT-D PCI
XS Boston 2008 VT-D PCIThe Linux Foundation
 
Mobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesMobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesThe Linux Foundation
 
A Xen Case Study
A Xen Case StudyA Xen Case Study
A Xen Case StudyKris Buytaert
 
DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009langonej
 

Weitere ähnliche Inhalte

Was ist angesagt?

XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
Security Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server VirtualizationSecurity Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server Virtualizationrsnarayanan
 
Linux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondLinux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondThe Linux Foundation
 
LCA13: Xen on ARM
LCA13: Xen on ARMLCA13: Xen on ARM
LCA13: Xen on ARMLinaro
 
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...The Linux Foundation
 
Virtualization Technology Overview
Virtualization Technology OverviewVirtualization Technology Overview
Virtualization Technology OverviewOpenCity Community
 
Mobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesMobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesThe Linux Foundation
 

Was ist angesagt? (20)

XS Boston 2008 OpenSolaris
XS Boston 2008 OpenSolarisXS Boston 2008 OpenSolaris
XS Boston 2008 OpenSolaris
 
XS Oracle 2009 Intro Slides
XS Oracle 2009 Intro SlidesXS Oracle 2009 Intro Slides
XS Oracle 2009 Intro Slides
 
Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008
 
XS Boston 2008 Fault Tolerance
XS Boston 2008 Fault ToleranceXS Boston 2008 Fault Tolerance
XS Boston 2008 Fault Tolerance
 
Ian Pratt Usenix 08 Keynote
Ian Pratt Usenix 08 KeynoteIan Pratt Usenix 08 Keynote
Ian Pratt Usenix 08 Keynote
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
Nakajima numa-final
Nakajima numa-finalNakajima numa-final
Nakajima numa-final
 
XS Japan 2008 Citrix English
XS Japan 2008 Citrix EnglishXS Japan 2008 Citrix English
XS Japan 2008 Citrix English
 
XS Japan 2008 App Data English
XS Japan 2008 App Data EnglishXS Japan 2008 App Data English
XS Japan 2008 App Data English
 
XS Japan 2008 Ganeti English
XS Japan 2008 Ganeti EnglishXS Japan 2008 Ganeti English
XS Japan 2008 Ganeti English
 
Security Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server VirtualizationSecurity Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server Virtualization
 
Linux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondLinux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
 
LCA13: Xen on ARM
LCA13: Xen on ARMLCA13: Xen on ARM
LCA13: Xen on ARM
 
Hypervisors
HypervisorsHypervisors
Hypervisors
 
OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training
 
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
 
µ-Xen
µ-Xenµ-Xen
µ-Xen
 
Virtualization Technology Overview
Virtualization Technology OverviewVirtualization Technology Overview
Virtualization Technology Overview
 
XS Boston 2008 VT-D PCI
XS Boston 2008 VT-D PCIXS Boston 2008 VT-D PCI
XS Boston 2008 VT-D PCI
 
Mobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesMobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen Technologies
 

Ähnlich wie XS Boston 2008 Malware & Training

DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009langonej
 
IRJET - Analysis of Virtual Machine in Digital Forensics
IRJET - Analysis of Virtual Machine in Digital ForensicsIRJET - Analysis of Virtual Machine in Digital Forensics
IRJET - Analysis of Virtual Machine in Digital ForensicsIRJET Journal
 
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...Design World
 
Openstack Icehouse IaaS Presentation
Openstack Icehouse IaaS PresentationOpenstack Icehouse IaaS Presentation
Openstack Icehouse IaaS Presentationemad ahmed
 
The Next Step of OpenStack Evolution for NFV Deployments
The Next Step of OpenStack Evolution for NFV DeploymentsThe Next Step of OpenStack Evolution for NFV Deployments
The Next Step of OpenStack Evolution for NFV DeploymentsDirk Kutscher
 
Xen Euro Par07
Xen Euro Par07Xen Euro Par07
Xen Euro Par07congvc
 
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...The Linux Foundation
 
Zero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenZero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenBitdefender Enterprise
 
TechWiseTV Workshop: Catalyst Switching Programmability
TechWiseTV Workshop: Catalyst Switching ProgrammabilityTechWiseTV Workshop: Catalyst Switching Programmability
TechWiseTV Workshop: Catalyst Switching ProgrammabilityRobb Boyd
 
Dependable Cloud Comuting
Dependable Cloud ComutingDependable Cloud Comuting
Dependable Cloud ComutingKazuhiko Kato
 
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...The Linux Foundation
 
Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Louis Göhl
 
MSMDC_CLI363
MSMDC_CLI363MSMDC_CLI363
MSMDC_CLI363mokacao
 
MikeTaulty_WPF_DevDays
MikeTaulty_WPF_DevDaysMikeTaulty_WPF_DevDays
MikeTaulty_WPF_DevDaysukdpe
 
Symbian OS - Client Server Framework
Symbian OS - Client Server FrameworkSymbian OS - Client Server Framework
Symbian OS - Client Server FrameworkAndreas Jakl
 
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Puppet
 
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKSAzure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKSazuredayit
 
Runtime 8 and Windows Phone 8
Runtime 8 and Windows Phone 8Runtime 8 and Windows Phone 8
Runtime 8 and Windows Phone 8Damir Dobric
 

Ähnlich wie XS Boston 2008 Malware & Training (20)

A Xen Case Study
A Xen Case StudyA Xen Case Study
A Xen Case Study
 
DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009
 
IRJET - Analysis of Virtual Machine in Digital Forensics
IRJET - Analysis of Virtual Machine in Digital ForensicsIRJET - Analysis of Virtual Machine in Digital Forensics
IRJET - Analysis of Virtual Machine in Digital Forensics
 
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
 
Openstack Icehouse IaaS Presentation
Openstack Icehouse IaaS PresentationOpenstack Icehouse IaaS Presentation
Openstack Icehouse IaaS Presentation
 
The Next Step of OpenStack Evolution for NFV Deployments
The Next Step of OpenStack Evolution for NFV DeploymentsThe Next Step of OpenStack Evolution for NFV Deployments
The Next Step of OpenStack Evolution for NFV Deployments
 
Xen Euro Par07
Xen Euro Par07Xen Euro Par07
Xen Euro Par07
 
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
 
Zero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenZero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xen
 
TechWiseTV Workshop: Catalyst Switching Programmability
TechWiseTV Workshop: Catalyst Switching ProgrammabilityTechWiseTV Workshop: Catalyst Switching Programmability
TechWiseTV Workshop: Catalyst Switching Programmability
 
Dependable Cloud Comuting
Dependable Cloud ComutingDependable Cloud Comuting
Dependable Cloud Comuting
 
Xen Community Update 2011
Xen Community Update 2011Xen Community Update 2011
Xen Community Update 2011
 
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
 
Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]
 
MSMDC_CLI363
MSMDC_CLI363MSMDC_CLI363
MSMDC_CLI363
 
MikeTaulty_WPF_DevDays
MikeTaulty_WPF_DevDaysMikeTaulty_WPF_DevDays
MikeTaulty_WPF_DevDays
 
Symbian OS - Client Server Framework
Symbian OS - Client Server FrameworkSymbian OS - Client Server Framework
Symbian OS - Client Server Framework
 
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
 
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKSAzure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
 
Runtime 8 and Windows Phone 8
Runtime 8 and Windows Phone 8Runtime 8 and Windows Phone 8
Runtime 8 and Windows Phone 8
 

Mehr von The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEThe Linux Foundation
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityThe Linux Foundation
 

Mehr von The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
 

Kürzlich hochgeladen

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Kürzlich hochgeladen (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

XS Boston 2008 Malware & Training

  • 1. Novel Applications of Xen: Virtual Training & Malware Evaluation June 23, 2008 Stephen Brueckner ATC-NY Ithaca, NY ATC-NY Architecture Technology Corporation
  • 2. Introduction Novel applications Not typical enterprise usage User works both inside & outside VMs One user interacts with many VMs Minimize external footprint inside VMs User space Minimal changes to Xen Scripting using “xm” commands Xen Summit Boston 2008 ATC-NY 08-018 2
  • 3. Projects CYDEST (virtual training environment) Management interface Automating access to VM internals EXAMIN (malware testing environment) VM configuration tool VM introspection work Started 3 and 2 years ago, respectively Xen Summit Boston 2008 ATC-NY 08-018 3
  • 4. Objectives Inform you of our projects’ requirements Show you the tools we developed Describe Xen features we built upon While seeking advice on alternatives Provide feedback to Xen community Problems Wish lists Questions Xen Summit Boston 2008 ATC-NY 08-018 4
  • 5. CYDEST: Cyber Defense Trainer Realism Real attacks & defense tools Both network and hosts Full fidelity (not a simulator) Availability Web access Up 24/7/365 Automation Auto-assessment Automated dynamic attacks Xen Summit Boston 2008 ATC-NY 08-018 5
  • 6. CYDEST Architecture Xen Summit Boston 2008 ATC-NY 08-018 6
  • 7. Trainee’s Management Interface Goal: Maintain trainee’s situational awareness Graphical representation (with labels) Net topology, hostnames, IPs, OSs Component Status (using colors) VMs & bridges: “up,” down, booting/shutting down Controls (buttons) Start, Stop, VNC Implementation Web-enabled Manually configured Xen Summit Boston 2008 ATC-NY 08-018 7
  • 8. CYDEST Management GUI Xen Summit Boston 2008 ATC-NY 08-018 8
  • 9. Monitor & Control Channels Requirements Automatable Out-of-band (network traffic not visible to trainee) Reliable (not network dependent) Solution Separate networks (physical & virtual ) Use guest’s serial consoles Program to negotiate guest interaction Consoles to control Windows VMs Windows serial console listener and shell Unfortunately, violates guest sanctity Xen Summit Boston 2008 ATC-NY 08-018 9
  • 10. CYDEST Network Separation Xen Summit Boston 2008 ATC-NY 08-018 10
  • 11. Monitor & Control Channels (cont.) open2xm.pl Automated console interactions Queueing of access requests External & internal timeouts Buffering I/O (for processes, not humans) XML encapsulation (separation of stdout and sterr) Handles login (handles various users & prompts) Batch mode Implementation Scripted using “xm console” Currently experimenting with Xen API (XML RPC) Xen Summit Boston 2008 ATC-NY 08-018 11
  • 12. EXAMIN: Exploit and Malware Incubator A testing/reverse engineering platform Motivation: Closed-sourced software has uncertain pedigree May therefore include embedded malicious code Virtualization is common approach VM detection currently an anti-tamper technique… Not anticipated to be an issue in the future Xen Summit Boston 2008 ATC-NY 08-018 12
  • 13. EXAMIN Design Native kernels (HVMs) Stealthy malware may not execute in paravirt E.g., LKM rootkit expecting “sysenter_entry” Components Incubator: the VM network Instrumentation Internal: standard tools External: VM introspection Xen Summit Boston 2008 ATC-NY 08-018 13
  • 14. EXAMIN Incubator Creation Objective: User-configurable heterogeneous VM network Virtual Network Builder (VNB) Front-end topology editor Back-end VM provisioning Linux (dead image manipulation) mount, chroot, rpm Windows (provisioning live VMs) Because registry can’t be modified w/o Win API Xen Summit Boston 2008 ATC-NY 08-018 14
  • 15. EXAMIN VNB Xen Summit Boston 2008 ATC-NY 08-018 15
  • 16. EXAMIN External Instrumentation High-assurance security monitoring services VM introspection of guest kernel’s memory Using XenAccess (open source introspection library) Current services: Integrity checking kernel & processes Code segments Specific structures (IDT, system call table) “Mostly static” structures (module list) Cross-view checking High assurance versions of standard HIDS NIDS (not true VM introspection) Xen Summit Boston 2008 ATC-NY 08-018 16
  • 17. EXAMIN: Bridging Semantic Gap Xen Summit Boston 2008 ATC-NY 08-018 17
  • 18. Bridging Semantic Gap: Preview of WIP Automated Determine data structure layouts and magic numbers Generalizable to most OSs Implemented for both Linux and Windows Run same code on host and guest No learning curve for a new language or API Ease porting of existing apps Attend VMsec/CCS in October for details Paper submitted… Xen Summit Boston 2008 ATC-NY 08-018 18
  • 19. Problems EXAMIN: guest isolation guarantees important Continuous security bug fixes Hypervisor inspection/validation concept practical? Others are working hard on this Xen’s rapid development Changing APIs Emerging tools Both are poorly documented Xen Summit Boston 2008 ATC-NY 08-018 19
  • 20. Wish List Faster serial console or equivalent channel EXAMIN’s cross-view checking needs to stream large pcap files from guest to host Multiple serial consoles CYDEST’s queueing of simultaneous access requests isn’t optimal Limit of >3 vif’s on a guest? Never mind…new Xen handles up to 8 vifs Xen Summit Boston 2008 ATC-NY 08-018 20
  • 21. Questions Are there other management interfaces we should look at? We have unusual requirements Graph-drawing capability for network topology Integrated remote VNC/shell access Display & control of bridges Display of VM internals (hostnames, IPs, OSs) Web browser interface Xen Summit Boston 2008 ATC-NY 08-018 21
  • 22. Questions (cont.) Are there other VM builders we should be considering? MLN was originally UML, not a very active project Our requirements: GUI network builder VM configuration: network, users, software Support Linux and Windows Xen Summit Boston 2008 ATC-NY 08-018 22
  • 23. Contact Information ATC-NY Cornell Business & Technology Park 33 Thornwood Drive, Suite 500 Ithaca, NY 14850 Technical Contacts: Mr. Stephen Brueckner, PI Dr. Frank Adelstein, Co-PI (607) 266-7118 (607) 266-7104 steve@atc-nycorp.com fadelstein@atc-nycorp.com Management Contact: Business Development Contact: Ms. Julie Baker Mr. Gene Proctor (607) 266-7125 (202) 293-9701 x113 jbaker@atc-nycorp.com gproctor@atcorp-dc.com Xen Summit Boston 2008 ATC-NY 08-018 23