Centre Mont-Royal
Montreal, Canada July 13-17, 2009
Kolumbo, stealth malware analysis

Julien Desfossez (julien.desfossez@revolutionlinux.com)

This project update will present and demonstrate Kolumbo, a kernel module designed to assist malware analysis. The main goal of Kolumbo is to allow researchers to study programs without the risk of detection by anti-debugging techniques. As of now, Kolumbo is able to prevent ptrace and software breakpoint detection. It can also be programmed to dump the contents of a program's memory for static analysis, which is useful when dealing with a "packed" (encrypted) program. In this session, these features will be demonstrated and we'll talk about the future of Kolumbo. So if you're interested in malware analysis and anti-anti-debugging techniques, then come.
Copyright © 2009 Linux Symposium Inc. All rights reserved.