Using the Observer Effect and Cyber Feng Shui - Jacob Torrey

Offered By: Hack In The Box Security Conference via YouTube

Course Description

Overview

Explore the intricacies of cybersecurity and system architecture in this 50-minute conference talk from the Hack In The Box Security Conference. Delve into the observer effect in computer systems and learn how attackers can exploit architectural "tells" to detect monitoring and analysis tools. Discover techniques for remote attestation and system integrity verification. Examine the use of Physically Unclonable Functions (PUFs) for device-specific keying and system authentication. Gain insights into creating "trusted" implant networks that can evade analysis and protect sensitive data. Follow along as the speaker demonstrates practical applications of these concepts, including BIOS manipulation, hypervisor development, and CPU isolation techniques. Explore challenges in VM detection, manufacturing variants, and various PUF implementations across different hardware components. Conclude with a discussion on the implications of these techniques for cybersecurity and future research directions.

Syllabus

Intro
Questions
Who am I
Red Team
Three Tools
Trusted Computing
Static Measurement
TPMs
Remote attestation
Virtual machine introspection
Paranoidfish
CPU Isolation
Shared Resources
Cash Teller
Rootkit
Gadgets
Secure Node
Secure Node Demo
Challenges
VM Detection
Manufacturing Variants
Challenge
PUFs
Secret Sharing
Error Correction Codes
SRAM Example
Other Techniques
FPGAs
Flash
EEPROM
Row Hammer
Github
Root Trust Key
Zelda Theme Execution
TLB Background
Hypervisor
Reverse Engineering
Chain of Trust
Observer Effect
Conclusion
Future Work
Time Overhead


Taught by

Hack In The Box Security Conference
