POSITIVE HACK DAYS



ORGANIZER

Fast Track


Download the full program in PDF.

Virtual Machine Introspection – a Way to Track an Attacker in the Cloud

Author: Nazar Tymoshyk

With modern world moving into the cloud, Virtual Machine Introspection is becoming a new promising approach of tracking attackers as well as full user activities monitoring in datacenter using virtualization. In this report, the speaker will present how to resolve and implement VMI approach for VirtualBox for honeypot project and enable feature to grab all activities of hacker or insider. VMI is like keylogger that is able to control all hosted virtual machines on hypervisor level. The talk will also uncover how existing cloud providers may use and track all cloud instances on Amazon and Rackspace.

  • Language
  • Russian

Software Security Engineer and senior Penetration tester, worked in different Ukrainian outsourcing companies like SoftServe, Eleks, Symphony-Solutions. Specialized in web and mobile application security, but main direction of research was honeypot systems as approach for early attack detection. Lead of OWASP local community in Lviv. Author of owasp-lviv.blogspot.com. Ph.D. in Information Security. Certified Ethical Hacker.

Nazar Tymoshyk Nazar Tymoshyk

Back to the list