SlideShare uma empresa Scribd logo

XS Boston 2008 Malware & Training

The Linux Foundation
The Linux Foundation

Stephen Brueckner: Novel Applications of Xen: Virtual Training & Malware

Tecnologia
1 de 23
Baixar para ler offline
Novel Applications of Xen: Virtual Training & Malware Evaluation June 23, 2008 Stephen Brueckner ATC-NY Ithaca, NY ATC-NY Architecture Technology Corporation
Introduction Novel applications Not typical enterprise usage User works both inside & outside VMs One user interacts with many VMs Minimize external footprint inside VMs User space Minimal changes to Xen Scripting using “xm” commands Xen Summit Boston 2008 ATC-NY 08-018 2
Projects CYDEST (virtual training environment) Management interface Automating access to VM internals EXAMIN (malware testing environment) VM configuration tool VM introspection work Started 3 and 2 years ago, respectively Xen Summit Boston 2008 ATC-NY 08-018 3
Objectives Inform you of our projects’ requirements Show you the tools we developed Describe Xen features we built upon While seeking advice on alternatives Provide feedback to Xen community Problems Wish lists Questions Xen Summit Boston 2008 ATC-NY 08-018 4
CYDEST: Cyber Defense Trainer Realism Real attacks & defense tools Both network and hosts Full fidelity (not a simulator) Availability Web access Up 24/7/365 Automation Auto-assessment Automated dynamic attacks Xen Summit Boston 2008 ATC-NY 08-018 5
CYDEST Architecture Xen Summit Boston 2008 ATC-NY 08-018 6
Trainee’s Management Interface Goal: Maintain trainee’s situational awareness Graphical representation (with labels) Net topology, hostnames, IPs, OSs Component Status (using colors) VMs & bridges: “up,” down, booting/shutting down Controls (buttons) Start, Stop, VNC Implementation Web-enabled Manually configured Xen Summit Boston 2008 ATC-NY 08-018 7
CYDEST Management GUI Xen Summit Boston 2008 ATC-NY 08-018 8
Monitor & Control Channels Requirements Automatable Out-of-band (network traffic not visible to trainee) Reliable (not network dependent) Solution Separate networks (physical & virtual ) Use guest’s serial consoles Program to negotiate guest interaction Consoles to control Windows VMs Windows serial console listener and shell Unfortunately, violates guest sanctity Xen Summit Boston 2008 ATC-NY 08-018 9
CYDEST Network Separation Xen Summit Boston 2008 ATC-NY 08-018 10
Monitor & Control Channels (cont.) open2xm.pl Automated console interactions Queueing of access requests External & internal timeouts Buffering I/O (for processes, not humans) XML encapsulation (separation of stdout and sterr) Handles login (handles various users & prompts) Batch mode Implementation Scripted using “xm console” Currently experimenting with Xen API (XML RPC) Xen Summit Boston 2008 ATC-NY 08-018 11
EXAMIN: Exploit and Malware Incubator A testing/reverse engineering platform Motivation: Closed-sourced software has uncertain pedigree May therefore include embedded malicious code Virtualization is common approach VM detection currently an anti-tamper technique… Not anticipated to be an issue in the future Xen Summit Boston 2008 ATC-NY 08-018 12
EXAMIN Design Native kernels (HVMs) Stealthy malware may not execute in paravirt E.g., LKM rootkit expecting “sysenter_entry” Components Incubator: the VM network Instrumentation Internal: standard tools External: VM introspection Xen Summit Boston 2008 ATC-NY 08-018 13
EXAMIN Incubator Creation Objective: User-configurable heterogeneous VM network Virtual Network Builder (VNB) Front-end topology editor Back-end VM provisioning Linux (dead image manipulation) mount, chroot, rpm Windows (provisioning live VMs) Because registry can’t be modified w/o Win API Xen Summit Boston 2008 ATC-NY 08-018 14
EXAMIN VNB Xen Summit Boston 2008 ATC-NY 08-018 15
EXAMIN External Instrumentation High-assurance security monitoring services VM introspection of guest kernel’s memory Using XenAccess (open source introspection library) Current services: Integrity checking kernel & processes Code segments Specific structures (IDT, system call table) “Mostly static” structures (module list) Cross-view checking High assurance versions of standard HIDS NIDS (not true VM introspection) Xen Summit Boston 2008 ATC-NY 08-018 16
EXAMIN: Bridging Semantic Gap Xen Summit Boston 2008 ATC-NY 08-018 17
Bridging Semantic Gap: Preview of WIP Automated Determine data structure layouts and magic numbers Generalizable to most OSs Implemented for both Linux and Windows Run same code on host and guest No learning curve for a new language or API Ease porting of existing apps Attend VMsec/CCS in October for details Paper submitted… Xen Summit Boston 2008 ATC-NY 08-018 18
Problems EXAMIN: guest isolation guarantees important Continuous security bug fixes Hypervisor inspection/validation concept practical? Others are working hard on this Xen’s rapid development Changing APIs Emerging tools Both are poorly documented Xen Summit Boston 2008 ATC-NY 08-018 19
Wish List Faster serial console or equivalent channel EXAMIN’s cross-view checking needs to stream large pcap files from guest to host Multiple serial consoles CYDEST’s queueing of simultaneous access requests isn’t optimal Limit of >3 vif’s on a guest? Never mind…new Xen handles up to 8 vifs Xen Summit Boston 2008 ATC-NY 08-018 20
Questions Are there other management interfaces we should look at? We have unusual requirements Graph-drawing capability for network topology Integrated remote VNC/shell access Display & control of bridges Display of VM internals (hostnames, IPs, OSs) Web browser interface Xen Summit Boston 2008 ATC-NY 08-018 21
Questions (cont.) Are there other VM builders we should be considering? MLN was originally UML, not a very active project Our requirements: GUI network builder VM configuration: network, users, software Support Linux and Windows Xen Summit Boston 2008 ATC-NY 08-018 22
Contact Information ATC-NY Cornell Business & Technology Park 33 Thornwood Drive, Suite 500 Ithaca, NY 14850 Technical Contacts: Mr. Stephen Brueckner, PI Dr. Frank Adelstein, Co-PI (607) 266-7118 (607) 266-7104 steve@atc-nycorp.com fadelstein@atc-nycorp.com Management Contact: Business Development Contact: Ms. Julie Baker Mr. Gene Proctor (607) 266-7125 (202) 293-9701 x113 jbaker@atc-nycorp.com gproctor@atcorp-dc.com Xen Summit Boston 2008 ATC-NY 08-018 23

Recomendados

XS Japan 2008 Project Status English
XS Japan 2008 Project Status EnglishXS Japan 2008 Project Status English
XS Japan 2008 Project Status EnglishThe Linux Foundation
 
XS Boston 2008 OVF
XS Boston 2008 OVFXS Boston 2008 OVF
XS Boston 2008 OVFThe Linux Foundation
 
XS Japan 2008 BitVisor English
XS Japan 2008 BitVisor EnglishXS Japan 2008 BitVisor English
XS Japan 2008 BitVisor EnglishThe Linux Foundation
 
Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008The Linux Foundation
 
XS 2008 Boston VTPM
XS 2008 Boston VTPMXS 2008 Boston VTPM
XS 2008 Boston VTPMThe Linux Foundation
 
XS Boston 2008 Project Status
XS Boston 2008 Project StatusXS Boston 2008 Project Status
XS Boston 2008 Project StatusThe Linux Foundation
 
XS Boston 2008 Self IO Emulation
XS Boston 2008 Self IO EmulationXS Boston 2008 Self IO Emulation
XS Boston 2008 Self IO EmulationThe Linux Foundation
 
XS Boston 2008 Network Topology
XS Boston 2008 Network TopologyXS Boston 2008 Network Topology
XS Boston 2008 Network TopologyThe Linux Foundation
 

Recomendados

XS Japan 2008 Project Status English
XS Japan 2008 Project Status EnglishXS Japan 2008 Project Status English
XS Japan 2008 Project Status EnglishThe Linux Foundation
 
XS Boston 2008 OVF
XS Boston 2008 OVFXS Boston 2008 OVF
XS Boston 2008 OVFThe Linux Foundation
 
XS Japan 2008 BitVisor English
XS Japan 2008 BitVisor EnglishXS Japan 2008 BitVisor English
XS Japan 2008 BitVisor EnglishThe Linux Foundation
 
Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008Ian Prattlinuxworld Xen Aug2008
Ian Prattlinuxworld Xen Aug2008The Linux Foundation
 
XS 2008 Boston VTPM
XS 2008 Boston VTPMXS 2008 Boston VTPM
XS 2008 Boston VTPMThe Linux Foundation
 
XS Boston 2008 Project Status
XS Boston 2008 Project StatusXS Boston 2008 Project Status
XS Boston 2008 Project StatusThe Linux Foundation
 
XS Boston 2008 Self IO Emulation
XS Boston 2008 Self IO EmulationXS Boston 2008 Self IO Emulation
XS Boston 2008 Self IO EmulationThe Linux Foundation
 
XS Boston 2008 Network Topology
XS Boston 2008 Network TopologyXS Boston 2008 Network Topology
XS Boston 2008 Network TopologyThe Linux Foundation
 
XS Boston 2008 OpenSolaris
XS Boston 2008 OpenSolarisXS Boston 2008 OpenSolaris
XS Boston 2008 OpenSolarisThe Linux Foundation
 
XS Oracle 2009 Intro Slides
XS Oracle 2009 Intro SlidesXS Oracle 2009 Intro Slides
XS Oracle 2009 Intro SlidesThe Linux Foundation
 
Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008The Linux Foundation
 
XS Boston 2008 Fault Tolerance
XS Boston 2008 Fault ToleranceXS Boston 2008 Fault Tolerance
XS Boston 2008 Fault ToleranceThe Linux Foundation
 
Ian Pratt Usenix 08 Keynote
Ian Pratt Usenix 08 KeynoteIan Pratt Usenix 08 Keynote
Ian Pratt Usenix 08 KeynoteThe Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
Nakajima numa-final
Nakajima numa-finalNakajima numa-final
Nakajima numa-finalThe Linux Foundation
 
XS Japan 2008 Citrix English
XS Japan 2008 Citrix EnglishXS Japan 2008 Citrix English
XS Japan 2008 Citrix EnglishThe Linux Foundation
 
XS Japan 2008 App Data English
XS Japan 2008 App Data EnglishXS Japan 2008 App Data English
XS Japan 2008 App Data EnglishThe Linux Foundation
 
XS Japan 2008 Ganeti English
XS Japan 2008 Ganeti EnglishXS Japan 2008 Ganeti English
XS Japan 2008 Ganeti EnglishThe Linux Foundation
 
Security Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server VirtualizationSecurity Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server Virtualizationrsnarayanan
 
Linux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondLinux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondThe Linux Foundation
 
LCA13: Xen on ARM
LCA13: Xen on ARMLCA13: Xen on ARM
LCA13: Xen on ARMLinaro
 
Hypervisors
HypervisorsHypervisors
HypervisorsInzemamul Haque
 
OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training The Linux Foundation
 
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...The Linux Foundation
 
µ-Xen
µ-Xenµ-Xen
µ-XenLars Kurth
 
Virtualization Technology Overview
Virtualization Technology OverviewVirtualization Technology Overview
Virtualization Technology OverviewOpenCity Community
 
XS Boston 2008 VT-D PCI
XS Boston 2008 VT-D PCIXS Boston 2008 VT-D PCI
XS Boston 2008 VT-D PCIThe Linux Foundation
 
Mobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesMobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesThe Linux Foundation
 
A Xen Case Study
A Xen Case StudyA Xen Case Study
A Xen Case StudyKris Buytaert
 
DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009langonej
 

Mais conteúdo relacionado

Mais procurados

XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
Security Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server VirtualizationSecurity Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server Virtualizationrsnarayanan
 
Linux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondLinux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondThe Linux Foundation
 
LCA13: Xen on ARM
LCA13: Xen on ARMLCA13: Xen on ARM
LCA13: Xen on ARMLinaro
 
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...The Linux Foundation
 
Virtualization Technology Overview
Virtualization Technology OverviewVirtualization Technology Overview
Virtualization Technology OverviewOpenCity Community
 
Mobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesMobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesThe Linux Foundation
 

Mais procurados (20)

XS Boston 2008 OpenSolaris
XS Boston 2008 OpenSolarisXS Boston 2008 OpenSolaris
XS Boston 2008 OpenSolaris
 
XS Oracle 2009 Intro Slides
XS Oracle 2009 Intro SlidesXS Oracle 2009 Intro Slides
XS Oracle 2009 Intro Slides
 
Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008
 
XS Boston 2008 Fault Tolerance
XS Boston 2008 Fault ToleranceXS Boston 2008 Fault Tolerance
XS Boston 2008 Fault Tolerance
 
Ian Pratt Usenix 08 Keynote
Ian Pratt Usenix 08 KeynoteIan Pratt Usenix 08 Keynote
Ian Pratt Usenix 08 Keynote
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
Nakajima numa-final
Nakajima numa-finalNakajima numa-final
Nakajima numa-final
 
XS Japan 2008 Citrix English
XS Japan 2008 Citrix EnglishXS Japan 2008 Citrix English
XS Japan 2008 Citrix English
 
XS Japan 2008 App Data English
XS Japan 2008 App Data EnglishXS Japan 2008 App Data English
XS Japan 2008 App Data English
 
XS Japan 2008 Ganeti English
XS Japan 2008 Ganeti EnglishXS Japan 2008 Ganeti English
XS Japan 2008 Ganeti English
 
Security Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server VirtualizationSecurity Best Practices For Hyper V And Server Virtualization
Security Best Practices For Hyper V And Server Virtualization
 
Linux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and BeyondLinux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
Linux Foundation Collaboration Summit 13 :10 years of Xen and Beyond
 
LCA13: Xen on ARM
LCA13: Xen on ARMLCA13: Xen on ARM
LCA13: Xen on ARM
 
Hypervisors
HypervisorsHypervisors
Hypervisors
 
OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training
 
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
XDF18: Heterogeneous Real-Time SoC Software Architecture - Stefano Stabellini...
 
µ-Xen
µ-Xenµ-Xen
µ-Xen
 
Virtualization Technology Overview
Virtualization Technology OverviewVirtualization Technology Overview
Virtualization Technology Overview
 
XS Boston 2008 VT-D PCI
XS Boston 2008 VT-D PCIXS Boston 2008 VT-D PCI
XS Boston 2008 VT-D PCI
 
Mobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesMobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen Technologies
 

Semelhante a XS Boston 2008 Malware & Training

DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009langonej
 
IRJET - Analysis of Virtual Machine in Digital Forensics
IRJET - Analysis of Virtual Machine in Digital ForensicsIRJET - Analysis of Virtual Machine in Digital Forensics
IRJET - Analysis of Virtual Machine in Digital ForensicsIRJET Journal
 
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...Design World
 
Openstack Icehouse IaaS Presentation
Openstack Icehouse IaaS PresentationOpenstack Icehouse IaaS Presentation
Openstack Icehouse IaaS Presentationemad ahmed
 
The Next Step of OpenStack Evolution for NFV Deployments
The Next Step of OpenStack Evolution for NFV DeploymentsThe Next Step of OpenStack Evolution for NFV Deployments
The Next Step of OpenStack Evolution for NFV DeploymentsDirk Kutscher
 
Xen Euro Par07
Xen Euro Par07Xen Euro Par07
Xen Euro Par07congvc
 
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...The Linux Foundation
 
Zero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenZero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenBitdefender Enterprise
 
TechWiseTV Workshop: Catalyst Switching Programmability
TechWiseTV Workshop: Catalyst Switching ProgrammabilityTechWiseTV Workshop: Catalyst Switching Programmability
TechWiseTV Workshop: Catalyst Switching ProgrammabilityRobb Boyd
 
Dependable Cloud Comuting
Dependable Cloud ComutingDependable Cloud Comuting
Dependable Cloud ComutingKazuhiko Kato
 
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...The Linux Foundation
 
Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Louis Göhl
 
MSMDC_CLI363
MSMDC_CLI363MSMDC_CLI363
MSMDC_CLI363mokacao
 
MikeTaulty_WPF_DevDays
MikeTaulty_WPF_DevDaysMikeTaulty_WPF_DevDays
MikeTaulty_WPF_DevDaysukdpe
 
Symbian OS - Client Server Framework
Symbian OS - Client Server FrameworkSymbian OS - Client Server Framework
Symbian OS - Client Server FrameworkAndreas Jakl
 
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Puppet
 
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKSAzure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKSazuredayit
 
Runtime 8 and Windows Phone 8
Runtime 8 and Windows Phone 8Runtime 8 and Windows Phone 8
Runtime 8 and Windows Phone 8Damir Dobric
 

Semelhante a XS Boston 2008 Malware & Training (20)

A Xen Case Study
A Xen Case StudyA Xen Case Study
A Xen Case Study
 
DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009DC Metro And Federal VMUG March 2009
DC Metro And Federal VMUG March 2009
 
IRJET - Analysis of Virtual Machine in Digital Forensics
IRJET - Analysis of Virtual Machine in Digital ForensicsIRJET - Analysis of Virtual Machine in Digital Forensics
IRJET - Analysis of Virtual Machine in Digital Forensics
 
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
“eXtending” the Automation Toolbox: Introduction to TwinCAT 3 Software and eX...
 
Openstack Icehouse IaaS Presentation
Openstack Icehouse IaaS PresentationOpenstack Icehouse IaaS Presentation
Openstack Icehouse IaaS Presentation
 
The Next Step of OpenStack Evolution for NFV Deployments
The Next Step of OpenStack Evolution for NFV DeploymentsThe Next Step of OpenStack Evolution for NFV Deployments
The Next Step of OpenStack Evolution for NFV Deployments
 
Xen Euro Par07
Xen Euro Par07Xen Euro Par07
Xen Euro Par07
 
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
XPDS16: Hypervisor-based Security: Vicarious Learning via Introspektioneerin...
 
Zero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenZero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xen
 
TechWiseTV Workshop: Catalyst Switching Programmability
TechWiseTV Workshop: Catalyst Switching ProgrammabilityTechWiseTV Workshop: Catalyst Switching Programmability
TechWiseTV Workshop: Catalyst Switching Programmability
 
Dependable Cloud Comuting
Dependable Cloud ComutingDependable Cloud Comuting
Dependable Cloud Comuting
 
Xen Community Update 2011
Xen Community Update 2011Xen Community Update 2011
Xen Community Update 2011
 
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
 
Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]
 
MSMDC_CLI363
MSMDC_CLI363MSMDC_CLI363
MSMDC_CLI363
 
MikeTaulty_WPF_DevDays
MikeTaulty_WPF_DevDaysMikeTaulty_WPF_DevDays
MikeTaulty_WPF_DevDays
 
Symbian OS - Client Server Framework
Symbian OS - Client Server FrameworkSymbian OS - Client Server Framework
Symbian OS - Client Server Framework
 
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
 
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKSAzure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS
 
Runtime 8 and Windows Phone 8
Runtime 8 and Windows Phone 8Runtime 8 and Windows Phone 8
Runtime 8 and Windows Phone 8
 

Mais de The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEThe Linux Foundation
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityThe Linux Foundation
 

Mais de The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
 

Último

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 

Último (20)

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 

XS Boston 2008 Malware & Training

  • 1. Novel Applications of Xen: Virtual Training & Malware Evaluation June 23, 2008 Stephen Brueckner ATC-NY Ithaca, NY ATC-NY Architecture Technology Corporation
  • 2. Introduction Novel applications Not typical enterprise usage User works both inside & outside VMs One user interacts with many VMs Minimize external footprint inside VMs User space Minimal changes to Xen Scripting using “xm” commands Xen Summit Boston 2008 ATC-NY 08-018 2
  • 3. Projects CYDEST (virtual training environment) Management interface Automating access to VM internals EXAMIN (malware testing environment) VM configuration tool VM introspection work Started 3 and 2 years ago, respectively Xen Summit Boston 2008 ATC-NY 08-018 3
  • 4. Objectives Inform you of our projects’ requirements Show you the tools we developed Describe Xen features we built upon While seeking advice on alternatives Provide feedback to Xen community Problems Wish lists Questions Xen Summit Boston 2008 ATC-NY 08-018 4
  • 5. CYDEST: Cyber Defense Trainer Realism Real attacks & defense tools Both network and hosts Full fidelity (not a simulator) Availability Web access Up 24/7/365 Automation Auto-assessment Automated dynamic attacks Xen Summit Boston 2008 ATC-NY 08-018 5
  • 6. CYDEST Architecture Xen Summit Boston 2008 ATC-NY 08-018 6
  • 7. Trainee’s Management Interface Goal: Maintain trainee’s situational awareness Graphical representation (with labels) Net topology, hostnames, IPs, OSs Component Status (using colors) VMs & bridges: “up,” down, booting/shutting down Controls (buttons) Start, Stop, VNC Implementation Web-enabled Manually configured Xen Summit Boston 2008 ATC-NY 08-018 7
  • 8. CYDEST Management GUI Xen Summit Boston 2008 ATC-NY 08-018 8
  • 9. Monitor & Control Channels Requirements Automatable Out-of-band (network traffic not visible to trainee) Reliable (not network dependent) Solution Separate networks (physical & virtual ) Use guest’s serial consoles Program to negotiate guest interaction Consoles to control Windows VMs Windows serial console listener and shell Unfortunately, violates guest sanctity Xen Summit Boston 2008 ATC-NY 08-018 9
  • 10. CYDEST Network Separation Xen Summit Boston 2008 ATC-NY 08-018 10
  • 11. Monitor & Control Channels (cont.) open2xm.pl Automated console interactions Queueing of access requests External & internal timeouts Buffering I/O (for processes, not humans) XML encapsulation (separation of stdout and sterr) Handles login (handles various users & prompts) Batch mode Implementation Scripted using “xm console” Currently experimenting with Xen API (XML RPC) Xen Summit Boston 2008 ATC-NY 08-018 11
  • 12. EXAMIN: Exploit and Malware Incubator A testing/reverse engineering platform Motivation: Closed-sourced software has uncertain pedigree May therefore include embedded malicious code Virtualization is common approach VM detection currently an anti-tamper technique… Not anticipated to be an issue in the future Xen Summit Boston 2008 ATC-NY 08-018 12
  • 13. EXAMIN Design Native kernels (HVMs) Stealthy malware may not execute in paravirt E.g., LKM rootkit expecting “sysenter_entry” Components Incubator: the VM network Instrumentation Internal: standard tools External: VM introspection Xen Summit Boston 2008 ATC-NY 08-018 13
  • 14. EXAMIN Incubator Creation Objective: User-configurable heterogeneous VM network Virtual Network Builder (VNB) Front-end topology editor Back-end VM provisioning Linux (dead image manipulation) mount, chroot, rpm Windows (provisioning live VMs) Because registry can’t be modified w/o Win API Xen Summit Boston 2008 ATC-NY 08-018 14
  • 15. EXAMIN VNB Xen Summit Boston 2008 ATC-NY 08-018 15
  • 16. EXAMIN External Instrumentation High-assurance security monitoring services VM introspection of guest kernel’s memory Using XenAccess (open source introspection library) Current services: Integrity checking kernel & processes Code segments Specific structures (IDT, system call table) “Mostly static” structures (module list) Cross-view checking High assurance versions of standard HIDS NIDS (not true VM introspection) Xen Summit Boston 2008 ATC-NY 08-018 16
  • 17. EXAMIN: Bridging Semantic Gap Xen Summit Boston 2008 ATC-NY 08-018 17
  • 18. Bridging Semantic Gap: Preview of WIP Automated Determine data structure layouts and magic numbers Generalizable to most OSs Implemented for both Linux and Windows Run same code on host and guest No learning curve for a new language or API Ease porting of existing apps Attend VMsec/CCS in October for details Paper submitted… Xen Summit Boston 2008 ATC-NY 08-018 18
  • 19. Problems EXAMIN: guest isolation guarantees important Continuous security bug fixes Hypervisor inspection/validation concept practical? Others are working hard on this Xen’s rapid development Changing APIs Emerging tools Both are poorly documented Xen Summit Boston 2008 ATC-NY 08-018 19
  • 20. Wish List Faster serial console or equivalent channel EXAMIN’s cross-view checking needs to stream large pcap files from guest to host Multiple serial consoles CYDEST’s queueing of simultaneous access requests isn’t optimal Limit of >3 vif’s on a guest? Never mind…new Xen handles up to 8 vifs Xen Summit Boston 2008 ATC-NY 08-018 20
  • 21. Questions Are there other management interfaces we should look at? We have unusual requirements Graph-drawing capability for network topology Integrated remote VNC/shell access Display & control of bridges Display of VM internals (hostnames, IPs, OSs) Web browser interface Xen Summit Boston 2008 ATC-NY 08-018 21
  • 22. Questions (cont.) Are there other VM builders we should be considering? MLN was originally UML, not a very active project Our requirements: GUI network builder VM configuration: network, users, software Support Linux and Windows Xen Summit Boston 2008 ATC-NY 08-018 22
  • 23. Contact Information ATC-NY Cornell Business & Technology Park 33 Thornwood Drive, Suite 500 Ithaca, NY 14850 Technical Contacts: Mr. Stephen Brueckner, PI Dr. Frank Adelstein, Co-PI (607) 266-7118 (607) 266-7104 steve@atc-nycorp.com fadelstein@atc-nycorp.com Management Contact: Business Development Contact: Ms. Julie Baker Mr. Gene Proctor (607) 266-7125 (202) 293-9701 x113 jbaker@atc-nycorp.com gproctor@atcorp-dc.com Xen Summit Boston 2008 ATC-NY 08-018 23