Linux Symposium, July 13th - 17th, 2009, Montreal, Canada
Centre Mont-Royal


Kolumbo, stealth malware analysis

Julien Desfossez (julien.desfossez@revolutionlinux.com)

This project update presents and demonstrates Kolumbo, a kernel module designed to assist malware analysis. The main goal of Kolumbo is to allow researchers to study programs without the risk of detection by anti-debugging techniques.

As of now, Kolumbo is able to prevent ptrace and software breakpoint detection. It can also be programmed to dump the contents of a program's memory for static analysis, which is useful when dealing with a "packed" (encrypted) program.

In this session, these features will be demonstrated and we'll talk about the future of Kolumbo. So if you're interested in malware analysis and anti-anti-debugging techniques, then come.


