
OS-SOMMELIER: Memory-Only Operating System Fingerprinting in PDF

74 Pages·2012·3.7 MB·English

Preview OS-SOMMELIER: Memory-Only Operating System Fingerprinting in

OS-SOMMELIER: Memory-Only Operating System Fingerprinting in the Cloud

Yufei Gu†, Yangchun Fu†, Aravind Prakash‡, Dr. Zhiqiang Lin†, Dr. Heng Yin‡
†University of Texas at Dallas
‡Syracuse University
October 16th, 2012

Outline
1 Motivation
2 State-of-the-Art
3 Detailed Design
4 Evaluation
5 Conclusion

What is OS Fingerprinting
OS Fingerprinting in the Cloud: Given a virtual machine (VM) image (or a running instance), precisely infer its specific OS kernel versions.

Why we need OS Fingerprinting in the Cloud
1 Virtual Machine Introspection [Garfinkel and Rosenblum, NDSS'03]
2 Penetration Testing
3 VM Management (Kernel Update)
4 Memory Forensics

Virtual Machine Introspection (VMI) [Garfinkel and Rosenblum, NDSS'03]
Using a trusted, isolated, dedicated VM to monitor other VMs.
Binary Code Reuse based VMI:
Virtuoso [Dolan-Gavitt et al, Oakland'11]: using trained existing legacy code to perform VMI
VM Space Traveler [Fu and Lin, Oakland'12]: dynamically instrumenting legacy binary code to perform VMI
[Figure: a Secure-VM running a trusted OS introspects the Product-VMs (Linux, Win-7, ..) on top of the Virtualization Layer and the Hardware Layer]

Description:
Oct 16, 2012 Can be disabled: many modern OSes disable most of the network services as a UFO: Operating system .. 0x828182c5: 8b 0d 3c 4e 97 82.
