Betriebssysteme · Institut für Systemarchitektur · Fakultät Informatik · TU Dresden

28. 04. 2017

SuperNOVA: Microkernel-based Malware Forensics

Markus Partheymüller

Cyberus Technology GmbH

Malware Analysts are facing increasingly challenging tasks in discovering and analyzing modern malware with existing tools. The reasons include evasion techniques to detect analysis environments and complicated control flows to obfuscate the actual behavior.
Based on the NOVA microhypervisor, developed here at TU Dresden, Cyberus Technology develops a Malware Forensics tool designed to enhance current analysis techniques. As a pass-through hypervisor, the tool provides an environment that is almost impossible to detect or circumvent. At the same time, advanced mechanisms, such as semantic breakpoints, make it easy for the analyst to trace malware behavior in an efficient way.
18. Apr 2018
· Copyright © 2001-2010 Operating Systems Group, TU Dresden | Impressum ·