About speaker: Joanna Rutkowska is a recognized researcher in the field of stealth malware and system compromises. Over the past several years she has introduced several breakthrough concepts and techniques on both the offensive and defensive side in this field. Her work has been quoted multiple times by international press and she is also a frequent speaker at security conferences around the world. In 2007 she has founded Invisible Things Lab, a consulting company dedicated for cutting edge research into operating systems and virtualization security.
Talk: Security Challenges in Virtualized Environments
Abstrakt: This presentation tries to show different security problems that might arise in virtualized environments. It first talks about virtualization based rootkits (e.g. “Blue Pill”) — what so special about them, clarifies some misunderstandings and also discusses how real this threat is today. It also touches on the subject of virtual machine isolation and why we should aim towards thin hardware-based hypervisors. A related subject of “trusted” VMMs is also discussed, especially in the context of e.g. the Trusted Execution technology and how this relates to e.g. virtualization based malware. Finally, nested virtualization and its | impact on security of virtualized systems is analyzed.