Operating Systems · Institute of Systems Architecture · Faculty of Computer Science · TU Dresden



28. 04. 2017

SuperNOVA: Microkernel-based Malware Forensics


Markus Partheymüller

Cyberus Technology GmbH


Malware analysts face increasingly challenging tasks in discovering and analyzing modern malware with existing tools. The reasons include evasion techniques that detect analysis environments and complicated control flows that obfuscate the actual behavior.
Based on the NOVA microhypervisor, developed here at TU Dresden, Cyberus Technology is developing a malware forensics tool designed to enhance current analysis techniques. As a pass-through hypervisor, the tool provides an environment that is almost impossible to detect or circumvent. At the same time, advanced mechanisms such as semantic breakpoints make it easy for the analyst to trace malware behavior efficiently.
18. Apr 2018