Using Hardware Features for Increased Debugging Transparency
Offered By: IEEE via YouTube
Course Description
Overview
Explore a cutting-edge debugging framework that leverages System Management Mode in x86 architecture to analyze malware transparently. Dive into MALT, a system designed to overcome the limitations of virtualization and emulation-based malware analysis techniques. Learn how this approach reduces software-level attack surfaces and enhances debugging transparency. Discover MALT's various debugging functions, including register/memory accesses, breakpoints, and four stepping modes. Examine the implementation and experimental results of MALT on physical machines, testing its effectiveness against anti-virtualization, anti-emulation, and packing techniques. Understand the performance implications and overheads of this innovative approach on both Windows and Linux platforms. Gain insights into the future of malware analysis and the potential for more robust cybersecurity defenses.
Syllabus
Introduction
Overview
Motivation
Limitations
Description
Traditional Debugging
Stepbystep Execution
Evaluation Results
Transparency Analysis
Performance Analysis
Conclusion
References
Bloopers
Whats the difference between my work and bearbox
Timing issues
Timing information
Overhead
Performance Evaluation
Debugging Register
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network