YoVDO

Next Generation Mobile Rootkits

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Memory Management Courses Mobile Security Courses Trustzone Courses ARM Processors Courses Trusted Execution Environment Courses

Course Description

Overview

Explore the world of next-generation mobile rootkits in this Black Hat EU 2013 conference talk. Delve into the use of hardware security features in last-generation ARM processors to create and conceal rootkits that are virtually undetectable by operating systems. Learn about TrustZone technology, Trusted Execution Environments, and their applications in mobile security. Discover the attacker model, memory management in TrustZone, and the boot process for these advanced rootkits. Gain insights into hardware support, testing environments, and rootkit scheduling techniques. Examine IRQ interception, Secure World setup, and communication methods. Understand the challenges of interoperability and detection methods for these sophisticated mobile threats. Benefit from the speaker's practical experience in developing and hiding an actual rootkit using these cutting-edge techniques.

Syllabus

Intro
Mobile rootkits
What is TrustZone?
About TrustZone
Trusted Execution Environments
Example: Netflix
Attacker Model
How does it work?
Memory in TrustZone
Boot process
By the way
Hardware support
Where to test?
Scheduling the rootkit
IRQ'interception
Secure World Memory Setup
Secure World Initialization
Monitor setup
Lockdown: SCR
Start operating system
Communication
Interoperability
Detection methods
Thank you for staying!


Taught by

Black Hat

Related Courses

Real-Time Embedded Systems Concepts and Practices
University of Colorado Boulder via Coursera
STM32F4-KEIL-ARM Eğitimi
Udemy
Build Your Own RealTime OS (RTOS) From Ground Up™ on ARM 1
Udemy
FreeRTOS From Ground Up™ on ARM Processors (REVISED)
Udemy
Endpoint AI Revolution Driven by Standardized Computing Platform
tinyML via YouTube